SECURITY RECOMMENDATIONS INTERNET BANKING TRANSACTIONAL

This page should provide customers with all the information they need concerning the security of a transactional Internet banking site and, in particular, best practices and security measures. Below is the text recommended by the International Retail Banking security team.

Best practices

IT security involves a set of techniques and best practices to adopt to protect your computers and your interests when using IT resources, such as Societe Generale's online banking service. These techniques and best practices have been developed by specialists in IT security, but it is important for you to know and apply the simplest of them.

Protect your password

Your password provides important protection to ensure that you can carry out online transactions in total security. However, to ensure optimum protection, the password should comply with the best practices listed below.

o Choosing a password: the 6-figure password is designed to be entered using the virtual keypad. Choosing a "strong" password protects against identity theft. Your password should not be trivial (do not repeat the same figure or series of figures) and should not be easy for a third party to guess (e.g. your birthday).
o Using your password: only enter your code using the virtual keypad on the secure login page of your online bank, at the address @ebanking. Never disclose your password to anyone. Societe Generale will never ask you for your password.

Log out when you have finished viewing your account:

When you log in to the online banking service, a viewing session opens for your account. While this session is open, you can navigate from page to page and carry out certain operations without having to identify yourself again. While this feature is practical, it could allow someone using your computer to browse your account and carry out certain operations without your knowledge.
It is vital to log out using the "Log out" button when you have finished viewing your accounts. It is not enough simply to close the page or the browser. Remember that Societe Generale will not be able to reject any transaction carried out during a session opened in your name.

Deactivate your browser's AutoComplete function:

Most web browsers offer to save the usernames and passwords you use in login forms, including your online banking login details. The AutoComplete function allows you to access your account at a later time without having to re-enter your username. While this is practical, the AutoComplete function could help a person using your computer to access your account without your knowledge.
It is vital to deactivate your browser's AutoComplete function. Remember that Societe Generale will not be able to reject any transaction carried out during a session opened in your name.

Secure your computer:

Before browsing the Internet, you should protect your computer against potential malicious attacks. To do this, follow the instructions below:

o Update your operating system and software: keeping your operating system and software* up-to-date is vital to protect your computer against malicious attacks. Closing known security loopholes renders the most common methods of attack ineffective.
o Install anti-virus software: you should install anti-virus software on your computer, even if this software is free. Such software protects you by identifying and blocking malicious applications installed on your computer. Anti-virus software also checks the trustworthiness of the files you download from the Internet or receive by email. You should also make sure you keep your anti-virus software up-to-date.

* The most important programs to update are those that access the Internet (browser, email, etc.) and well-known software (Office pack, Adobe suite, Java, etc.).

Check the trustworthiness of the site you are on:

Whether you are on a banking site or an e-commerce site, it is important to make sure that the site you are on is official and secure before entering your login details or carrying out any transactions.
Follow these instructions to check the trustworthiness of the site you are on:

o Check the URL of the site in the address bar: a URL is the unique identifier for the web page you are on and is visible in your browser's address bar. By checking this address carefully, you will be able to tell if the site you are on is fraudulent, as its address will necessarily be different from that of the official site (e.g. www.particulier.sg.fr instead of www.particuliers.societegenerale.fr).
o Check the prefix of the address: any official Internet banking or e-commerce site will use secure communication protocols with its clients. If you are on a secure site, the URL will be preceded by "https" (instead of "http"). The full address of Societe Generale's secure site is: https://@espace_sécurisé_ebanking
o Check the security certificate: the certificate is used to provide assurance that the site belongs to the Societe Generale group. Your web browser can display the security certificate used by the page you are on. The certificate should look like this:
Each subsidiary should insert its own certificate.

Specific protective measures for smartphones:

The growing use of smartphones and the increasing development of banking services for such devices are leading to the emergence of new security risks. Smartphones are often likened to mobile telephones, but in reality, they are simply computers which can be used to make telephone calls. The security measures applicable to a computer (see above) are therefore equally valid for a smartphone. However, smartphones also require further specific protective measures:

o Protect your telephone with a (non-trivial) password and set your screen to lock automatically when it is not being used
o Make sure you apply all the updates recommended by your system provider
o Only download applications from official application stores (e.g. Apple Store, Google Play Store). Otherwise, you risk downloading malicious applications onto your smartphone
o Never unlock your smartphone's operating system (e.g. jailbreak, rooting), as doing so increases your exposure to risks
o Do not store any unencrypted confidential data on your smartphone
o Install anti-virus software and keep it up to date

Remember that it is vital to take the same precautions with a smartphone as you would on a computer when browsing the Internet.

Security measures

Societe Generale is aware of the security risks that arise from the sensitivity of an online banking service, and implements state-of-the-art security measures to provide you with the highest possible level of security.

Authentication mechanisms and procedures:

Authentication is a key element of the security of the online banking service. This procedure, which gives you access to your accounts in order to view and manage them, allows Societe Generale to formally identify you. The elements used for authentication are your username and password. Your username is unique and is provided to you when you register for the online services. You are allocated a default password when you register for the online services, then presented with an online form to change your password the first time you log in.

Authentication by password

The new password, which should comply with the recommendations in "Best practices: protect your password", can be changed at any time at the following address: @. You use your username and password to access your accounts.
Never disclose your password to anyone. Remember that Societe Generale will never ask you for your password.

Authentication by virtual keypad

The new password you have chosen can be changed at any time at the following address: @. Your username and password are used to access your accounts through an innovative new system introduced by Societe Generale. The virtual keypad makes your password more secure by making it harder for a malicious individual to get hold of it. The virtual keypad can be used by the blind and partially-sighted.
Never disclose your password to anyone. Remember that Societe Generale will never ask you for your password.

Authentication by OTP

The security of your password is guaranteed by an innovative Societe Generale system. The OTP calculator generates a new password each time you log in. You use your username and password to access your accounts.

Confirmation by OTP

In addition, it may be necessary to perform a further authentication operation in order to complete certain transactions, so as to confirm your identity, your consent, and the validity of the transaction. Societe Generale uses a One-Time Password solution. For those transactions that require confirmation in this way, you must enter on the OTP calculator:

o The amount of the transaction
o Part of the beneficiary's account number

The calculator generates the one-time password you must enter on the site to confirm the transaction. Here is an example of an OTP calculator (different models exist):

Encryption of communications:

The Societe Generale online banking service uses the SSLv3/TLS (Secure Socket Layer version 3 / Transport Layer Security) encrypted communication protocol. Activating encryption reinforces HTTP communication, which is consequently renamed HTTPS (where the S stands for "Secure"). The HTTPS protocol ensures that all information exchanged on the site is safe and confidential. You can always check whether the site you are on is secure:

o The address of the site will be preceded by the prefix "https"
o In some browsers, a padlock logo will also be displayed in the status bar

Extended Validation Certificate (EV)

o In some browsers, the address bar will turn green and display a certification logo

The full address of Societe Generale's secure site is: https://@espace_sécurisé_ebanking
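
The confirmation by OTP described above ties the one-time password to the amount and to part of the beneficiary's account number. The following is an added example, not Societe Generale's implementation: the HMAC construction, the counter, the use of the last four digits of the account number and all names and values are assumptions. It shows why a code generated for one transaction does not confirm a modified one.

```python
import hashlib
import hmac
import struct


def transaction_otp(key, counter, amount, beneficiary_part, digits=8):
    """Derive a one-time code bound to the transaction details (assumed scheme)."""
    # Length-prefix each field so ("12", "345") and ("123", "45") cannot collide.
    msg = struct.pack(">Q", counter)
    for field in (amount, beneficiary_part):
        data = field.encode("ascii")
        msg += struct.pack(">H", len(data)) + data
    mac = hmac.new(key, msg, hashlib.sha256).digest()
    # Dynamic truncation in the style of HOTP (RFC 4226).
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def confirm_transaction(key, counter, amount, beneficiary_account,
                        submitted_otp, part_len=4):
    """Server side: recompute the code from the transaction about to be executed."""
    expected = transaction_otp(key, counter, amount,
                               beneficiary_account[-part_len:])
    # Constant-time comparison of the expected and submitted codes.
    return hmac.compare_digest(expected, submitted_otp)


# Constructed sample values, for illustration only.
KEY = b"constructed-demo-key-not-a-real-secret"
ACCOUNT = "00012345678901"
OTHER_ACCOUNT = "00099999990000"

if __name__ == "__main__":
    # The customer types the amount and the last four digits into the calculator.
    otp = transaction_otp(KEY, 1, "150.00", ACCOUNT[-4:])
    print(confirm_transaction(KEY, 1, "150.00", ACCOUNT, otp))        # genuine
    print(confirm_transaction(KEY, 1, "950.00", ACCOUNT, otp))        # amount altered
    print(confirm_transaction(KEY, 1, "150.00", OTHER_ACCOUNT, otp))  # beneficiary altered
```

Because the server recomputes the code from the transaction it actually received, a transfer whose amount or beneficiary was changed after the customer generated the code is rejected.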

Automatic logout procedure:

For your security, you will automatically be logged out of the service after ten minutes of inactivity. This means no one can use the site in your place if you have left your computer without logging out. To log back in, you must enter your username and password again.
It is vital to log out using the "log out" button when you have finished viewing your accounts. Remember that Societe Generale will not be able to reject any transaction carried out during a session opened in your name.

Traceability and archiving:

For security purposes, activity on your banking site is tracked and archived 24/7, in compliance with the banking regulations in effect and the relevant data protection laws. Any anomaly detected will give rise to an in-depth analysis, as well as ad hoc procedures to ensure the reliability and continuity of the service at any given time.