Member Security

Protecting your security is always our priority.

If you ever believe you have been the victim of any suspected fraud on your American Heritage accounts, contact us immediately.

Important Security Update to Prevent Account Aggregator Fraud

Account aggregator services are an easy way for consumers to connect all of their various financial relationships. However, account aggregation can also lead to account fraud. In order to protect the security of our members, beginning August 15th, American Heritage will turn on Multi-factor Authentication (MFA) when using an account aggregator service due to the recent uptick in fraudulent transactions using stolen credentials within aggregator services. This will affect members using services like Quicken, Mint, TurboTax, PayPal, etc., as well as other credit unions or banks that might connect to your American Heritage account. 

American Heritage has not been requiring MFA for aggregators, which go through an initial validation process, and often automatically log in daily to update account data. However, beginning August 15th, the next time you connect to American Heritage via a service that uses an aggregator, you will be asked to complete a security verification in order to proceed. You may not be asked to verify your identity every time, but you may be asked again in the future. While this may seem like a small change, protecting our members' security is always our biggest priority.

You may be familiar with MFA, as your online experience with American Heritage is always secure with our MFA protecting your privacy. By asking you, in a one-time enrollment process, for a user name, password and answers to challenge questions that no one else would know, American Heritage is able to verify that you are who you say you are.

What are Spoof Websites? What does "spoofing" mean?

The safest method to ensure that you are on an authentic website is to check the website address every time you use it. Be diligent and cautious in providing personal information such as Social Security number, credit or debit card information, or account numbers.  If you receive an email asking for this information, or if you are directed to a website that asks for this, you are likely the recipient of a phishing scam and perhaps being directed to a spoof website. American Heritage uses multi-factor authentication to protect our members as well. 

If you believe that you have visited a spoof website, or have received a phishing email, please call our Contact Center immediately at 215.969.0777. Remember, American Heritage will never ask for your password. 


If you receive a call that appears to be from American Heritage, and the caller asks for your social security number, PIN or passwords, please do not provide any information. Make note of the number, disconnect the call and report the call to us at 215.969.0777. For texts, do not reply. American Heritage will NEVER call and ask you for a PIN or password.

Spoofing is a scam designed to deliberately falsify the information transmitted to your caller ID display in an effort to disguise the caller’s true identity. Spoofing scammers often use a caller ID that appears to be from your bank or credit union. In some instances, scammers also spoof a number from a local government agency. If this call or text is answered, the scammer will create a false story that the call recipient’s card is being used, and then will ask for personal information that can be used to steal funds or to conduct other fraudulent activity. Once again, American Heritage will never call to ask for your Online Teller/Mobile Teller account ID and password, Account Number, Social Security Number, or Credit/Debit Card PIN.

A spoof website is designed by fraudsters and claims to be the legitimate website of an organization. In the case of credit unions or banks, they appear to be identical and are designed to capture, and steal, online banking login information. The domain or website address is often similar. At American Heritage, our domains are, or Fraudsters often use phishing emails to drive members or non-members to spoof websites as well. By providing a fake password, they can then send the unsuspecting website user to a page that shows a false inflated balance.

How do I set up Instant Account Alerts to monitor my account?

We always encourage our members to set up eAlerts to help monitor accounts for activity. Not only does this help manage your daily finances, but eAlerts can also help detect fraudulent activity.  The eAlerts are text or email messages sent to your phone, mobile or desktop device that let you know important information such as debit card activity, direct deposit received, low balance in your account, and more. To sign up for eAlerts, login to Online Teller and click on the eAlerts Tab or log in to your Mobile Teller App, click Member Service > eAlerts.

How do I use Card Controls to manage my cards?

If you have a credit or debit card with American Heritage, we offer a valuable privacy benefit in our Card Controls. This safety feature allows you to activate a debit card, submit a travel notification, manage overdraft privilege, deactivate a lost or stolen card, change authorization limits and much more. To set up Card Controls, login to your Mobile Teller app, click on Card Services in your menu, and then you will be prompted to deactivate a lost or stolen card, change an authorization limit, and more.

What is Falcon Fraud Protection? How does it verify my purchases?

American Heritage is committed to ensuring the safety of your financial information. American Heritage has a Falcon Fraud Protection system that automatically analyzes all debit and credit card transactions. If any activity occurs that is unusual or suspicious in your account, Falcon Fraud may detect it and you will receive a phone call to confirm if the transaction is legitimate or fraudulent.

You may contact Falcon directly: 855.961.1602.

If you at any time receive a message by phone or email that identifies itself as a fraud protection company and the company’s phone number does not match 855.961.1602, this could be a scam - contact American Heritage immediately! Falcon Fraud Protection is one more way that American Heritage protects you against fraud and identity theft.

What types of Online Security protect my account?

Your online experience with American Heritage is always secure with Multi-Factor Authentication protecting your privacy. By asking you, in a one-time enrollment process, for a user name, password and answers to challenge questions that no one else would know, American Heritage is able to verify that you are who you say you are. Then, if we ever detect any uncharacteristic or unusual activity involving your account, we may ask for identity verification using your challenge questions before allowing the user to continue.

Multi-Factor Authentication also allows you to know that you are using the real American Heritage Online Teller, and not a spoofed site. During your initial login to Online Teller, you will select an image - known as an eStamp - which will be displayed each time you log on. You will also select an eStamp phrase that will be displayed when the eStamp image appears. Since you select the image and phrase during enrollment, you can be assured each time you log in that you are on American Heritage's site and not a fraudulent look alike website.

For an added level of security, American Heritage Credit Union's website is secured by VeriSign, the leading secure sockets layer (SSL) Certificate Authority enabling secure e-commerce and confidential communications for websites, intranets, and extranets. The VeriSign logo will always appear on our website, online applications, Online Teller and OnLine Bill Payer to assure that you are protected. Also, when you visit our website a lock will be displayed on the bottom of your screen indicating that the site is secured. It is also extremely important to keep your password private and to never allow your computer to save your Online Teller password. Always exit Online Teller properly by using the End Session command.


To use Online Teller, "cookies" must be enabled on your browser. Cookies are security tracking devices designed to alert you to previous activity on your account. Since all browsers' default settings enable cookies, you are most likely ready to log on to Online Teller. If you have previously disabled cookies, you must set this feature to "ON" before you begin.


Online Teller is designed to be as user-friendly as possible. On-screen prompts will guide you every step of the way. To ensure accuracy, you will be asked to verify every transaction before it is posted to your account.

Real Time

Feature Online Teller gives you access to your actual, real-time account information. The transactions you perform will be posted instantly, provided there are no holds on the funds.

Time Out Feature

Online Teller will automatically "time-out" after two minutes of screen inactivity. This will prevent others from accessing your personal information if you inadvertently leave your computer while you are logged on to Online Teller. Access your account with confidence, knowing that the American Heritage Online Teller is convenient, secure, and best of all, completely free. You'll enjoy a new level of financial flexibility and control. Visit your local branch or contact us today and visit as often as you like for secure account access.


Be cautious when using email to send us communications that contain confidential information. Emails are not sent in a secure form, may not be immediately received by the appropriate team member at American Heritage, and potentially can be intercepted by third parties. We recommend that you refrain from including sensitive personal information such as social security or account numbers in an email.