Security tips on online banking

Security tips on online banking

Using online banking with caution

Here are some suggestions for you to enhance the security of online banking:

  • Make sure your mobile number and email address in our bank record are correct and up-to-date
  • To ensure a secure and convenient online banking experience, we regularly upgrade our security controls. Please always log on to Personal e-Banking at www.hangseng.com and only trust a browser on a device that belongs to you or is reliable. For safety reasons, you need to trust your browser again when there're certain changes on your device or browser, such as software version updates, clearing cookies, or using "incognito" mode
  • Keep your devices that store digital certificates (e.g. personal computers, security devices that generate one-time passwords and smart cards) and authentication methods (e.g. passwords and one-time security codes) used for accessing Personal e-Banking
  • We recommend you to use a Mobile Security Key or physical Security Device that generates the security code for online and mobile banking, as this'll enable us to verify your identity when you conduct high-risk transactions. Learn more about e-Banking security information
  • Take care of your Security Device. Never leave it unattended in a public place or in the control of other people
  • When using online and mobile banking services, please be vigilant for any abnormal or suspicious elements on the website or app. If you have any doubts or concerns, please close the page or app and call us at (852) 2822 0228 to report your suspicions
  • We recommend you to change your Personal e-Banking and device passwords regularly and use a combination that's hard to guess. You should avoid including your birthday or phone number and using the same password repeatedly across different websites and apps. Never disclose your password to other people
  • Install and update virus detection softwares on your computer and mobile device to protect from known viruses such as Trojan Horses
  • Don't install apps on your mobile device from unknown sources. These apps may include spyware that run on your device which monitor and record the way you browse the Internet and the sites you visit. Review and understand the permissions of mobile apps before you install them. Don't use untrusted custom virtual keyboards
  • Never leave your computer and mobile device unattended while using online and mobile banking services
  • Always remember to log off properly after using online and mobile banking services to ensure security
  • Use trusted Wi-Fi networks or service providers and enable security protection such as Wi-Fi Protected Access (WPA, a system for protecting wireless computer network security), if possible
  • Don't use any jailbroken mobile devices which may have security loopholes to log on to Personal e-Banking or Hang Seng Mobile App
  • Beware that there're fake websites designed to trick you and collect your personal information. Avoid access to Personal e-Banking or Hang Seng Mobile App through links embedded in emails or other untrustworthy sources such as pop-up windows and the search result of the internet search engines
  • Don't open any links embedded in suspicious or malicious SMS or MMS
  • Log on regularly to review the transactions of your accounts
  • Destroy any printed cop(ies) of the password(s)
  • Understand the risks of using biometrics (i.e. fingerprint or face recognition), Mobile Security Key or mobile phone binding as authenticators for making payments and how to protect your devices and those authentication methods
  • Don’t write down the passwords on any devices for accessing Personal e-Banking or Hang Seng Mobile App or on anything usually kept with or near them
  • Never use a public computer or someone else’s mobile devices for online and mobile banking services
  • Never disclose any of your authentication methods to others, including passwords, one-time security codes and one-time passwords (OTPs) sent to your mobile or security devices
  • Before entering an OTP that has been sent to your mobile phone, you should ensure you're expecting to receive an OTP from the stated sender and for the stated purpose. If you have any doubts or concerns, please call us at (852) 2822 0228 to verify
  • Never disclose your username for online banking log-on and authentication methods (e.g. passwords and one-time security codes) to anyone nor record the password in any unencrypted forms
  • When there's an alert about the payee's related to a scam report on transfer page, you must verify the payment details and make sure the payee's trustworthy before each transfer
  • Inform us as soon as possible if you suspect your authentication methods or devices for accessing our online and mobile banking services have been compromised, lost or stolen or there're unauthorised transactions over your accounts

Please note, you may be held liable for all losses if you have acted fraudulently or neglectfully, knowingly allow the use by others of your device or authentication methods, or failed to follow the safeguards set out above.

For detailed information on how to safeguard your personal and account information, we recommend customers to refer to the e-leaflet “Smart Banking Customer Guide-Online Banking Services”, produced by the Hong Kong Monetary Authority.

In order to provide customers with better protection when using online banking services such as Hang Seng Personal e-Banking, Hang Seng Commercial e-Banking and Hang Seng HSBCnet, we have adopted safer and more effective “dual authentication” online security measures. Please visit our e-Banking Security for more details. Customers may also visit designated website of the Hong Kong Monetary Authority for more tips on online banking security.

Executing online securities trading safely

Please consider adopting the below measures to enhance the security of online securities trading:

  • Choose to register for using a physical Security Device or Mobile Security Key to generate the security code. After registration, if you log in to Personal e-Banking via dual-password authentication, you will be required to log in with the Security Device in order to complete the first securities trading transaction
  • Choose an e-Banking password that is difficult to guess and different from your other online passwords. Stronger passwords use a combination of letters, numbers and symbols
  • Ensure that your mobile phone number and email address registered with us is correct and kept up-to-date
  • Always check our SMS notifications of your transaction record promptly. Contact us immediately if you have any doubts or concerns
  • Review your online account records regularly, and check all messages and statements issued by the Bank promptly
  • Avoid logging in online banking and conducting transactions by using public computer or through public wireless network

SMS prompts

We may send SMS notifications to your registered mobile phone number for certain card and bank transactions in accordance with the online banking security guidelines issued by the Hong Kong Monetary Authority.

Customers will receive an SMS alert from us after performing the following transactions via Hang Seng Personal e-Banking:

  • Transfer to non-registered third party account
  • Bill payment to beneficiary in the ‘online merchants’ category
  • Issue of electronic cheque
  • Increase transfer limit
  • Add registered payee

In order to perform any of the above transactions via Hang Seng Personal e-Banking or Mobile Banking app, you must provide us with your valid and current Hong Kong mobile phone number. You can visit Manage Your Banking Profile to check or update your registered mobile phone number.

Alternatively, you may register or update your mobile phone number by:

  • Logging in to Hang Seng Personal e-Banking and clicking on the following links on the menu on the left of the page: Customer Service Change Account Information Personal Information; or
  • Calling our 24-hour Phone Banking hotline: (852) 2998 8022 (Prestige Private Customers) / (852) 2998 9188 (Prestige Banking Customers) / (852) 2822 8228 (Preferred Banking Customers) / (852) 2912 3456 (Integrated Account Customers); or
  • Visiting any Hang Seng Bank branch

Footnote

Beware of scams! Don't provide bank, credit card, debit card, investment, insurance and MPF accounts or other key personal information via links embedded in suspicious messages claiming to be from us.