Safe internet banking: guidelines from the banks

Dutch banks adhere to five principles for safe internet banking. These principles were drawn up in early 2014 by the Dutch Banking Association (NVB) in consultation with the Consumers’ Association. In 2019 they were adjusted in connection with the European payment law PSD2.

The five principles that the NVB has drawn up are:

• Keep your security codes secret
  • Only use security codes yourself and do not write them down.
  • Choose a security code that is not easy to guess.
  • Never provide security codes by phone, email, or any other means. Banks and other service providers never ask for these codes.
• Make sure your debit card is never used by anyone else
  • Customers should not be distracted while using the bank card.
  • Always keep the bank card in a safe place. Check regularly whether you still have the bank card in your possession.
• Ensure proper security of the equipment you use for banking
  • Provide the installed software and the operating system on the computer, tablet and/or smartphone with the latest possible (security) updates.
  • Do not install illegal programs.
  • Secure access to the devices with a password, PIN or otherwise.
  • Make sure no one else can do online banking on your devices.
  • Always log out of internet banking.
• Check your bank account
  
  • Check your digital account information at least every two weeks. Those who still receive paper statements should preferably check them within two weeks of receipt.
• Report incidents directly to the bank and follow the instructions of the bank
  Think of:
  • Your bank card has been stolen or lost.
  • You know or suspect that others have used your secure information.
  • The account statement contains transactions for which you have not given permission.
  • Your mobile device containing a banking application has been stolen or lost.

Should you nevertheless become a victim of fraudsters, you have a greater chance of receiving compensation from the bank if you adhere to these principles.

The five principles of banks are in fact guidelines that help the bank’s customers to bank digitally in a secure way. But as they say themselves: ‘The banks are aware that the average consumer cannot protect himself 100 percent against internet criminals. The banks take this into account when assessing whether customers are entitled to compensation for the damage.’

What does that mean? Even people who do not adhere to the five principles can receive compensation if they are victims of fraud. The bank investigates on a case-by-case basis whether there is gross negligence. Only if this is demonstrated, the right to compensation lapses.

What exactly do you have to do to be able to do online banking safely? It goes without saying that you protect your own computer well. Such security is not only necessary for internet banking. You don’t want intruders on your PC anyway. You can read all about it in the article ‘Safe in 10 steps’. You will also find numerous articles on the website under the Security theme that help you properly secure your devices. Below we list what you should pay attention to if you want to be able to bank and use the internet safely.

• Windows Update
  Always have the latest operating system updates installed if you have a Windows computer.
• Antivirus program
  Install an antivirus program if necessary and make sure you always have the latest updates. Run a scan of your system every month.
• Software
  Other programs that you have installed on your PC may also contain security vulnerabilities. Therefore, always install the latest software updates.
• Wireless home network
  Make sure your wireless network (Wi-Fi) is secured with a strong password.
• Wifi network
  Only connect to trusted Wi-Fi networks. On public and unsecured Wi-Fi networks, others may be able to see what you’re doing on the Internet and what data you’re sending.
• Suspicious emails and files
  Don’t open emails you don’t trust. Do not click on unknown attachments in emails. And if you receive an e-mail requesting you to log in to a system with your (banking) details, do not respond. Official bodies never ask for your data. If you do not trust it, please contact your bank.
• web address
  Banks use secure addresses. Check this: do you see ‘https:”//’ and a lock in the address bar? Then you are dealing with a secure address.

Mobile devices also need to be secured. Read about it in the article ‘Secure mobile internet banking’.