|
•
UOB Internet Banking Security Technology
•
Your Role In Safeguarding Your Personal Data & Account
Information
•
Customer Service
Your
Role In Safeguarding Your Personal Data And Account Information
You are responsible for keeping your Password confidential. Failure to do so exposes you to the risks
of fraud and loss. UOB will not be responsible for losses suffered by customers as a result of:
• Input errors or misuse of
its Internet services;
• Negligent handling or sharing
of banking Password;
• Leaving a computer unattended
during an online session;
• Failure to immediately report
known incidents of unauthorised account access.
We strongly recommend that you observe the following best privacy
and security practices at all times:
1. Managing Your
Access ID/PIN/User ID and Password
| • |
Your Access ID/PIN/User ID and Password
identify you when you use our Internet banking services. If any of
these becomes invalid or ceases to have effect, it is imperative
that you inform us by calling UOB 121 for the respective services. |
| • |
Ensure that no one can see your Password when you login to our system. |
| • |
Ensure that you keep your Password confidential at all times and do not
divulge it to anyone. |
| • |
Do not allow anyone (without exception) to use
your Access ID/PIN/User ID and Password, as you are responsible
for all transactions undertaken with your Access ID/PIN/User
ID and Password. |
| • |
Do not create your Password similar to your User ID,
personal telephone number, birth date or other personal information. |
| • |
Memorise your User ID and Password and do not
record it anywhere. |
| • |
Change your Password regularly. |
| • |
Do not use the same character more than once for
your Password. |
| • |
Do not recycle your recently used Password. |
| • |
Change your Password IMMEDIATELY if you suspect
that someone knows it. |
| • |
The same Password should not be used for different websites,
application or services particularly when they relate to different
entities. |
| • |
Do not select the option on your browser for storing
or retaining User ID and password. |
Note: No staff members of UOB should ever ask you for
your Password for whatsoever reasons.
2. Take Precautions
Against Your Password Keystrokes Being Captured
Exercise the necessary precautions to protect your personal computer
against viruses and other malicious programmes. Aside from damaging
and/or destroying data, viruses and malicious programmes can capture
your password keystrokes and other personal information and send
them to another person without your consent.
Precautions that you can take include the following:
| • |
Ensure that you install an effective
personal firewall1 as well as anti-virus2 and
anti-Trojan horse3 softwares. These should be updated regularly.
|
|
1Personal Firewall |
|
Personal firewalls serve two basic functions. They protect your
system from unsolicited scans coming from the Internet and usually offer outbound controls as well.
An inbound scan will look for and block any uninvited commands, instructions, programmes or messages from
entering your system, while outbound controls will look for and block unfamiliar programmes
(like viruses and Trojan horses) from trying to send out messages from your computer.
|
|
2Anti-Virus Software |
|
Anti-virus softwares scan your hard disk to find and remove viruses.
To some extent, these products can also scan and may be able to remove worms and Trojan horses.
|
|
3Anti-Trojan Horse Software |
|
Anti-Trojan horse softwares can identify and remove more programmes
that act like Trojan horses than anti-virus softwares can. A Trojan horse programme is usually an
innocent programme or utility that you might download on your PC. However, behind
the programme's perceived functions lurks a function that allows it to damage your
computer or steal your personal information.
|
| • |
Do not download any software from
a web site that is of doubtful origin. |
| • |
Ensure that you install an effective
anti-virus software and update it regularly. |
| • |
Do not open any e-mail or attachment
that is from a source unknown to you. When in doubt, please
delete such e-mail without opening it. |
3. Log In Directly
If you wish to access a website belonging to UOB or its subsidiaries
or associates, always personally and directly enter the relevant website address in the browser address
bar. A list of the relevant website addresses is set out below for your reference. If you encounter
suspicious or fraudulent websites passing off as websites of UOB or its subsidiaries or associates,
please notify us immediately at UOB 121.
List of UOB Group Websites
4. Remember To Log Out
Always remember to log out of your Internet banking session when you
have completed your Internet banking transactions or even when you need
to walk away from your computer for just a minute. Do not leave
your computer unattended while Internet banking transactions are being
processed.
5. Clear Your Browser's Cache
Default files on a computer, sometimes called 'cache' files,
can retain images of data sent or received over the Internet,
making them a potential target for a system intruder. Therefore,
we strongly advise that you clear your browser's disk cache after
each Internet banking session.
How To Clear Your Cache (Navigator 6.X)
| • |
Select 'Edit' from the Menu bar |
| • |
Select 'Preferences' |
| • |
Expand 'Advanced' to show 'Cache' |
| • |
Select
'Cache' |
| • |
Click the 'Clear Disk Cache' button and answer 'OK' |
| • |
Click
the 'Clear Memory Cache' button and answer 'OK' |
| • |
Click
'OK' to exit the dialog box |
How To Clear Your
Cache (Internet Explorer 4.X/5)
| • |
Select 'View" from the Menu bar (if you are using IE 4.X) |
| |
OR |
| • |
Select 'Tools' from the Menu bar (if you are using IE 5) |
| • |
Select
Internet Options' |
| • |
Select 'General' tab |
| • |
Click the 'Delete Files' button under
Temporary Internet Files and answer "OK' |
| • |
Click 'OK' to exit the dialog box |
6. Avoid Sharing Personal Computers (PCs)
Avoid using shared PCs or public PCs such as those found in cyber
cafes to perform Internet banking transactions. If there is a need to
do so, always satisfy yourself thoroughly that the PCs are free
from viruses and be sure to clear the browser's cache when you
have completed your transactions.
7. Verify The Authenticity Of The UOB Internet Banking Web
Site
We provide a Secure Zone icon (as symbolised by a 'padlock' icon)
within our Internet banking/transaction web pages for your verification
of its authenticity.
To verify the authenticity of the UOB Internet Banking web site,
look for the Secure Zone icon on the web page, click it, and ensure
that 'United Overseas Bank (Malaysia) Bhd' is displayed as a part
of UOB's VeriSign Secure Server ID from
https://digitalid.verisign.com
.
There are two ways by which you can verify that you are logging
in to a secure web page:
| i |
Check that the UOB Internet Banking web site
address changes from http:// to
https:// and that a security icon (as symbolised by a lock
or key) appears at the
bottom status bar of the browser. This indicates that the
web page that you are
online with uses encryption technology. You can double click
the security icon to
view information pertaining to the security certificate for
the web page. |
| ii |
Depending on the browser that you are using,
you can also verify that you are in a
secure web page by doing the following: |
On Internet Explorer
Point the mouse on the web page and right click the mouse. Scroll
to 'Properties' and click the mouse. Ensure that the following
information appears in the 'Properties' dialog box shown on the
screen:
| Protocol |
: |
Hyper
Text Transfer Protocol with Privacy |
| Connection |
: |
SSL
3.0, RC4 with 128 bit encryption (High); RSA with 1024 Bit
Exchange |
| Address
(URL) |
: |
The
url should start with '<https://>' |
You can click the 'Certificates'
button in the dialogue box to view information pertaining to the
security certificate for the web page.
On Netscape
Point the mouse on the web page and right click the mouse. Scroll
to 'View Page Info' and click the mouse. Ensure that the following
information appears on the display screen:
|
Location |
: |
The
location should start with '<https://>' |
|
Security |
: |
Connection Encrypted : High-grade Encryption (RC4 128bit) |
|
Certificate |
: |
This
Certificate belongs to … United Overseas Bank (Malaysia) Bhd. |
8. Inform Us Immediately
Of Suspected Invasion Of Your Privacy Or Of Unauthorised Transaction
If you suspect that your privacy has been invaded or that your
account(s) has/have been accessed by unauthorised persons, please
change your Password immediately and contact us by calling
the UOB 121 for the respective services. Check your account statements
to see if any transaction has been performed without your authorisation.
Should there be any unauthorised or unusual transactions, please
notify us immediately.
You should check your account statements regularly and notify
us promptly of any errors. At the minimum, you should check your
account statements at least once a month.
Bank accounts
If you object
to any entry or omission in your bank account statement in respect
of any calendar month, you must inform the Bank in writing within
14 days of the end of that calendar month as failure to do so
shall imply your acceptance of the account statement and its correctness.
To contact us, please refer to the following:
| UOB
121 Tel no. |
(6) 03-26128 121 |
(Kuala Lumpur) |
| |
(6) 07-2881 121 |
(Johor Bahru) |
| |
(6) 04-2401 121 |
(Penang) |
| |
(6) 082-287 121 |
(Kuching) |
| |
(6) 088-477 121 |
(Kota Kinabalu) |
9. E-mail Security
As information submitted via e-mail is not encrypted during transmission,
it is important that you do not indicate your account or credit
card number nor convey any confidential information or banking
or other instructions in your enquiries and/or comments.
If you encounter any suspicious email, passing off as an email from UOB Malaysia, please notify us immediately.
10. Additional Recommended
Good Practices To Safeguard Your Online Security
| • |
Remove file and printer sharing in your
computer, especially when you have Internet access via cable modem,
broadband connection or a similar set-up. |
| • |
Make regular backup of critical data. |
| • |
Consider the use of encryption technology to
protect highly sensitive data. |
| • |
Do not install junk software or run programmes
of unknown origin. |
| • |
Delete junk or chain emails. |
| • |
Do not open email attachments from strangers. |
| • |
Do not disclose personal, financial or credit card
information to little-known or suspect websites. |
| • |
Do not use a computer or device which cannot be trusted |
|