Whether you bank with us on an individual or a corporate level, your personal and financial information security is on our top priorities.
At INVESTBANK we care about your accounts’ security and implement the tightest security standards and most developed measures for you to enjoy a secure in branch and online journey. Find out more about:
How to protect yourself
How we protect you
Your information and date security is our top priority. We strive to keep your data and accounts secure through the following security safeguards:
Multi-Factor Authentication protects your accounts by using a second source of validation before executing sensitive transactions. This method is also used to verify ownership when logging in from different devices by sending a one-time password to your registered phone number to authenticate the new device. Once you authenticate successfully, we’ll sign you securely into your account and register that new device upon your confirmation. This will prevent attackers from accessing your online accounts even if they know your password.
This advanced authentication mechanism is also activated to authenticate your identity before doing sensitive activities on your account, such as adding a new beneficiary, changing your registered mobile number, or paying a bill.
For our corporate online banking users, a soft token is used to authenticate their access to corporate iBank accounts.
At INVESTBANK, we keep a sharp eye to detect illegal transactions or any malicious activities that may occur on your cards or accounts online. Example: when credit cardholder enters the card information on a non secure online platform, or accidentally downloads a malicious software on digital devices that allow hackers to access and steal the cards and accounts information stored on your device, INVESTBANK’s security team monitors the internet to detect such instances and prevent fraudulent activities on your accounts and cards.
Our online banking service, iBank, allows you to message and interact with us securely through our Secure Messaging service.
We deploy advanced encryption technologies to protect your sensitive information. When visiting our online services, you will notice that we use ‘https’ protocol to encrypt your financial information and personal data while being transmitted. We also encrypt your financial and personal data on all our systems to maintain continuous protection of your sensitive data.
Because we care about your security, we are deploying. Advanced cybersecurity controls and protection systems to secure your digital journey. We continuously develop our security safeguards to protect you from the evolving cyber threats.
Our staff is following standard security practices to keep your data secure and protected. Our employees undergo regular security awareness and educational programs on cybersecurity and on how to contribute in protecting clients information. Our business processes follow a set of established policies and procedures to limit employees’ access to your sensitive records.
Compliance with Security Standards
We are committed to maintaining compliance with relevant international security standards to ensure that our security practices follow internationally recognized security practices in the banking sector.
Biometric Sign On
iBank mobile application allows you to sign in to your accounts using your biometrics, such as fingerprint or facial recognition, in a very secure, fast and convenient way.
We listen to you!
We’re here to answer your questions. If you want to know more about our security measures or want to report a suspicious activity on your accounts, please reach out to our Contact Center at 06 500 1515.
Learn more about security.
Hackers and fraudsters make a lot of money from online frauds; they steal card information and account credentials to sell them on what is known as the dark web.
The internet consists of many layers. Part of the internet is the surface web that encompasses everyday internet browsing and is available to the generic public, such as search engines, email services, public websites and more. There is also the deep web that protects private accounts and information not meant for public viewing, such as, medical records, legal documents, and private databases. The third type is the dark web, the hidden collective of internet sites not indexed by search engines and not visible to the public. Access to the dark web requires special software and relies on cryptography. Criminals and fraudsters use the dark web to conduct their illegal activities, such as drug trafficking, selling stolen credit card details, and more.
First, keep an eye on the URL and make sure that you are visiting the correct website. Second, you may check the validity of the website certificate in your browser and that the certificate is valid and issued to INVESTBANK.
Reliance on passwords only to access your accounts is insufficient; hackers have many techniques to steal or guess passwords. By using MFA, you can protect your accounts even if your password is stolen or guessed. MFA allows you to use another factor of authentication that is difficult for hackers to get, such as an OTP sent to your phone number. This way, you can block any unauthorized access to your accounts.
Hackers use a variety of methods to steal passwords. One widely used technique is social engineering, where hackers convince victims to visit a fake website to log into their accounts or update their passwords, for example. Once the victim enters their password, the hacker captures it. There are different types of social engineering techniques; the one described above is just one.
Another method that is also used widely is installing a virus on a victim’s computer or mobile device; whenever the victim visits an online service that requires login, the virus captures the password and sends it to the attacker; this is why it is recommended to install trusted software on your devices.
Your sensitive information should be solely known by you, and you should not share your sensitive information with anybody else, including family members, friends or even INVESTBANk staff. If somebody knows your sensitive information, they can access your accounts, conduct fraudulent transactions on your behalf, reset your passwords, claim your digital identity and more. Sensitive information includes your passwords, OTP, credit and debit card details, and personal information that uniquely identifies you.