Staying safe whilst online

Barclays takes the security and confidentiality of your internet banking activities very seriously. We have put a number of measures in place to ensure that you can conduct your business activities over the internet safely and securely, so long as you comply with your security obligations.
Do not download software, open attachments or follow links that you are sent by email unless you are sure they are safe.

Anti-virus
When using Digital Channels, you have an obligation to ensure your computer has up-to-date anti-virus software.

Wireless networks
If you are using a wireless network you should ensure that the wireless connection has a minimum of authentication type of WPA2, (not WEP or WPA), if you are unsure of this ask a member of your local IT team to confirm.

Internal controls
You can specify the level of control you require in Digital Channels, including the number of authorisers for transactions. A complete audit trail also exists.

We strongly recommend that you choose the Authorisation Required/Dual Authorisation option for the authorisation of transactions.

Keep your PIN and smart card safe
It is vital to note that the smart card and PIN (Personal Identification Number) are specific to you and must not be disclosed or used by anybody else. Any unauthorised access must be avoided by strictly securing the use of your smart card. This means storing the card so only the relevant user can access it. In addition:

• You should not leave your computer or laptop unattended whilst logged into Digital Channels
• Do not write down your PIN in any recognisable form
• Change your PIN as soon as practicable and keep any PIN details secret
• Do not allow a web browser to store your PIN
• Only insert the smart card into the reader when it is required to 'authenticate' your activity such as a transaction/payment or logging in. Once the activity has been 'authenticated' take the smart card out of the reader. This is critical as leaving the smart card plugged into a computer could seriously expose you to risk if a fraudster were able to take remote control of the computer; from a risk perspective, not removing the smart card is equivalent to leaving the engine running in an unattended, unlocked car.

Any loss or compromise of the smart card, or disclosure of the PIN (accidental or otherwise) must be reported immediately to your system administrator and the Helpdesk. A replacement smart card and PIN will be ordered for you.

Always logout
Never leave your computer unattended while connected to any site you are using, especially when banking online.

Logout correctly by selecting the 'logout' button in the top right hand corner when you have finished, ensuring the connection is dropped before disconnecting and leaving your computer.

Tabbed browsing
You should not use tabbed browsing e.g. multiple windows with Internet Explorer when carrying out transactions on online banking.

Be aware of your surroundings
If you are using the Internet in a public place be aware of anyone monitoring you, especially if you are using username and password details to access sites.

Ensure that no one is watching you and that you are not being filmed by closed circuit television (CCTV) as this can capture personal details.

Check for monitoring equipment
If you are using a computer in a public place, make sure the equipment you are using does not allow electronic eavesdropping or recording of your activities. This will prevent any username or password details from being seen or recorded by the keystrokes. These are hard to spot, so at work check with your systems administrator or, if you are in an Internet cafe or library, ask a member of staff.

Check the web site certificate
If you are using a web site that is supposed to be secure, i.e. begins https:// check its online certificate via the yellow padlock symbol. The yellow padlock symbol is the security feature of our supported browsers (i.e. Internet Explorer or Firefox).

To check an online certificate left click on the yellow padlock symbol and check that the name on the certificate matches the site you are in and that it has a valid date.

With Firefox the yellow padlock symbol is displayed at the bottom of your browser screen, while with Internet Explorer version 7 and above it will be displayed at the top in the address bar.

Reporting a fraud?
If you believe you have fallen victim to fraud or have received a suspicious email, report this immediately to the Barclays iPortal Support Team, please visit the contact us page.

Forward any emails or screen shots to internetsecurity@barclays.co.uk
and delete the email immediately, making sure not to open any links contained within the email.