Flagstar Bank tries to be screen-reader friendly. Please use the following links to skip to the desired section of the page.
Personal Online Banking uses several different methods to protect your information.
All information within Personal Online Banking uses a high-level method called SSL (Secure Socket Layer) protocol for transferring data. SSL is encryption that creates a secure communication environment for the information being transferred between your browser and Flagstar Bank.
We use a one-time pass code as an additional security measure to confirm your identity when your communication device is not recognized by our server.
One-time pass codes add more security protection than only a username and password. This will help make it safer when you log in from public computers in such places like hotels, cafes, or airports.
In addition, one-time pass codes may be required each time you log in from your personal device if your device does not permit cookies to remain within your browser, or if our security system detects a change in your activity patterns. Specifically, cookies are messages that Web servers pass to your Web browser when you visit Internet sites. Only the website that creates a cookie can read it, so other servers do not have access to your information.
The one-time pass code is sent to “something you have,” such as your cell, home phone or email.
Our recommendation is to utilize text messaging or the “Call Me” feature which will call your phone and provide the one-time pass code to you. An alternative method would be to utilize the email option which provides the pass code to the email you have provided.
Flagstar Bank employs behavior analytic software and monitors Personal Online Banking activity to understand and improve our services. Any possible fraudulent, suspicious or unauthorized activity of our services is investigated to protect all of our customers.