NetDirect Internet Banking Security
BankDirect takes every practical step to ensure that NetDirect, our Internet banking facility is secure and stays secure. While we have taken these measures, the nature of Internet banking means there are also some simple precautions you should take to further your level of protection.
There are a host of tactics used by criminals, usually based overseas, to attempt to defraud customers which include phishing, Trojan horses, viruses and worms. BankDirect is proactive in developing measures to reduce the risk to customers. This includes blocking all customers.
There are a few things that you should do to further protect yourself.
1. Password security
- You can only sign-in to NetDirect, our Internet Banking service from www.bankdirect.co.nz or https://vault.bankdirect.co.nz. Both of these web addresses have secure NetDirect login pages. To learn how to tell if a website connection is secure, visit the appropriate help page for your browser, for example:
- BankDirect will never ask you to disclose your Internet banking Password online, by email or over the phone. You will always be requested to call our Contact Centre if you have forgotten your password or are experiencing problems, and your identity will be authenticated prior to you receiving your new password.
- Choose a Password you will remember, but is not easy to guess. It will be required to include some numbers as well as letters.
- Take care when entering your Password that others cannot see what you are entering.
- Change your Password regularly. You can do this within our Internet banking system. If you ever believe someone may know your Password you should change it immediately.
- Do not write your Password down or store it on your computer. It should be committed to memory.
- Your Password is yours and yours alone. Never tell anyone your Password. Our staff will never ask you for your Password under any circumstances. Never provide this information if requested.
- You should never leave your computer unattended when doing your Internet banking.
2. Install anti-virus software on your computer and keep it up-to-date
3. Always use the 'Log Off' button when you have finished Internet banking
If possible avoid using "untrusted" or shared computers for Internet Banking, such as Internet Cafes. These computers could be running programs that collect your keystrokes and potentially compromising your Password.
Due to a number of recent email scams that have hit some other New Zealand banks, BankDirect would like to remind you about the importance of keeping your personal Internet banking details safe. Note, BankDirect has not been affected by these scams.
BankDirect has a service called 'netCODE'. netCODE is a 'second factor' authentication service that will further protect customers when they're banking online. A netCODE is automatically sent to a customer when they make large transactions using NetDirect (BankDirect's Internet Banking Service), including without limitation, Virtual Cheque, Automatic Payments and Bill Payments. You will be able to use one netCODE for each NetDirect session subject to not exceeding your daily transaction limit. To receive a netCODE you must have an SMS capable phone and register your mobile phone number with us.
BankDirect takes every practical step to ensure that our Internet Banking services are secure and remain secure.
Trained and Dedicated Staff
Our infrastructure is constantly reviewed to ensure the robustness and security of our Internet banking system. BankDirect maintains a dedicated IS Security team that monitor threats from the Internet and test the environment from all perspectives thus ensuring it is kept at a world best practice security level. Alongside this team, the environment is managed by a highly qualified team of E-Commerce system administrators, whom are dedicated to ensure that this environment is constantly secure and fully operational.
In addition to this internal staffing, we regularly contract independent consultants to verify our security. These reviews further check our systems, looking at areas such as firewall configurations, network device security, web server security and web application security.
BankDirect back up testing and administration work with many technical controls. These include leading-edge firewall systems, highly secured Web Servers, strong encryption and intrusion detection systems.
All communication from your computer to our Web systems is strongly encrypted to assure confidentiality of all data sent and received. We use 128-bit SSL encryption technology.
Access to your accounts is protected by a password. We have employed industry leading security systems to support access control.
Your session will time-out if you have not been using your PC for 5 minutes or more. This is designed to prevent an unauthorised user getting access if you accidentally leave your computer while logged on.
If someone does try to guess your Password it will lock your account after 5 unsuccessful attempts. This will stop an unauthorised user trying multiple times to guess your Password.
Your initial Password is generated by a highly secure password generation system. This secure password must be changed when you first log in to the system.
Advanced alerting systems that immediately report any unusual activity and are followed-up by our IS Security team.
If you have any concern or suspect a security breach of any kind please contact us immediately(0800 500 400 or 64 9 308 0308). We treat all concerns of this nature extremely seriously and will make every effort to address your concern.