TELUS

Many people have concerns about security when providing information via the Internet. We've sought to address those concerns with the following question-and-answer format:

Why does TELUS ask me to provide personal information online?

Our goal is to make your online interaction with TELUS as valuable as possible by providing you with a personalized Web experience. To deliver information that is relevant to your needs, we will collect some personal information online.

We promise to protect the information you provide online in the same way we protect all our customer information. We take privacy seriously, as you can see in our privacy commitment.

TELUS will not share your e-mail address with anyone outside of our company; nor will we disclose any other information you provide to outside parties.

How do I know the information I provide is kept secure?

Your TELUS account is not automatically accessible via the Internet. Once you request online access to your account, we request specific information about you and your account to confirm your identity.

We then use several security measures to confirm this information, and only then do we allow online access to your account information.

What specific measures does TELUS take to secure my online transactions?

We use several technological tools to provide security on the website, including:

• The Secure Socket Layer, which protects the information you transmit and prevents interception by unauthorized parties
• A firewall, which restricts unauthorized access to our internal networks where your information is stored.

We also maintain and monitor an audit log, which tracks the use of our security processes and highlights any suspicious activity.

The Secure Socket Layer

The Secure Socket Layer is an industry standard protocol used for communication between your Web browser and the Web server. It provides authentication, data integrity and encryption.

Your browser may give you a message indicating you are entering a secure website. You may also see a blue box outlining the secure page. And if you usually see a broken key or open lock in the lower left corner of your screen, you'll notice it change to a full key or closed lock.

Verisign Secure Site Seal

The TELUS website uses Verisign, the strongest security available for websites. You can validate computer server IDs and status at any time by clicking on the Verisign logo.

Authentication

Authentication confirms that you are who you say you are, and verifies that you are communicating with the TELUS Web server. There are two parts to the authentication process:

• The Secure Socket Layer uses digital certificates to confirm with your Web browser that you are accessing the TELUS Web server.
• Your User ID and password is confirmed to ensure account information is provided only to the correct User ID and corresponding password. An incorrect User ID or password will result in failure to access account information.

Data integrity

The Secure Socket Layer ensures that any alteration to the contents of your message, either intentional or by accident, will be identified and handled in an appropriate manner.

Encryption

The Secure Socket Layer encrypts or "scrambles" the content of your message as it travels across the Internet, making it difficult for unauthorized interceptors to understand. Encryption codes the information in your message, ensuring that it can only effectively be decoded by the TELUS Web server.

Firewall

A firewall is a device, usually consisting of software and hardware, which separates computers with sensitive information on an internal network from an external network such as the Internet. Its purpose is to limit the types of traffic that enter the internal network to prevent malicious attacks on internal computers. By using a firewall, TELUS is ensuring your information is always protected.

What can I do to keep my information secure?

There are some easy steps you can take to keep your information secure:

• Memorize your User ID and password rather than writing them down. If you must write them down, keep them in separate and secure locations.
• Do not share your User ID and password with anyone else.
• Do not leave your computer unattended while the browser is still running.
• Empty your disk cache at the end of your Web session. To do this, select the menu item that allows you to empty disk cache.
• Set your disk cache to 0.

All Web browsers have a default setting that caches their web activity. This means your browser copies the information you see on-screen, like graphics and text files, to the memory and hard disk of your computer. Once loaded into your cache, the browser no longer has to download the information through the Internet, which makes revisiting a website or exploring a new website faster.

Other people who access your computer can access the disk cache and may be able to view the contents of your previous Web activity. You can set your disk cache to 0 to ensure nothing is stored on your hard disk. You won't be able to access previously viewed pages as quickly, but your security will be enhanced.

How long will my user session last after I log in to telus.com? If it expires, will I have to log in again?

A user session is a period of time when you have logged in to telus.com and are navigating through the site.

For your security and protection, telus.com has been designed to end your session automatically if there has been no activity for approximately 30 minutes. Therefore, if you haven't provided any instructions or used the browser buttons to navigate within our services for approximately 30 minutes, the connection will automatically end and you will need to log in again with your username and password.