The world's local bank
Security
The security of your personal information and your online banking transactions is of utmost importance to HSBC. We maintain strict security standards and procedures to prevent unauthorised access to your information.
The Security of Our Systems
128-Bit SSL Encryption
HSBC requires the use of 128-bit Secure Socket Layer (SSL) Encryption, with all Personal Internet Banking applications and online application forms, which is the industry standard encryption used for internet banking applications. Encryption converts your data (i.e. when you apply for a loan or credit card at HSBC or when you use Internet Banking) into an encoded form before it is sent over the Internet. The encryption helps keep your information private between the bank´s computer system and your Internet browser.
To determine if the browser you are using supports 128-bit encryption try a browser check.
Internal Systems Encryption
HSBC employs multiple levels of encryption with multiple encryption algorithms on and between internal systems to help ensure your data is kept secure and inaccessible to unauthorised users.
Firewalls
HSBC uses firewalls to block potentially destructive information from entering our computer systems and to prevent unauthorised access. Firewall software can be installed on business and home computers as a barrier against hackers and viruses.
Digital Certificates
To protect your computer and your account information when using Personal Internet Banking, HSBC Bank Polska SA uses Digital Certificates to allow you to ensure you are communicating with HSBC. When you log on to HSBC Bank Polska SA, your browser challenges the HSBC website to prove its identity using digital certificates. Your browser can verify the certificate and will alert you if the website is not HSBC. When logging on to HSBC, you should always ensure that this identity check has occurred. For instance in Microsoft® Internet Explorer, ensuring that the yellow lock is present on the lower right hand corner of the browser and double-clicking it allows you to view the digital certificate of the website your browser has verified.
Security Device
HSBC Bank Polska SA is committed to safeguarding your sensitive financial information. We have introduced a Security Device, needed to access Business Internet Banking. Each Security Device generates a series of single-use Security Codes unique to the user´s account. By using these Security Codes together with your Username and Password, your online security is increased.
Server Gated Cryptography (SGC)
HSBC uses Server Gated Cryptography or SGC, which allows a browser using 40-bit SSL encryption to function as 128-bit encryption for the duration of the online banking session. This helps keep your online banking transaction information as secure as possible without having to download an updated browser.
Keeping Your Online Sessions Secure
Secured Sessions
Your HSBC Internet Banking session is protected in a "secured" environment through Secured Socket Layer (SSL) encryption. SSL technology is used within your Internet Banking session to encrypt your personal information before it leaves your computer to help ensure no one else can read it. Depending on your browser settings, a pop-up window will appear to notify you that you will be entering a secured page. You will know when you are on a secured HSBC page when you see the "https://" before the web address. A padlock symbol in the lower right hand corner of your browser window will also be present. A closed padlock indicates that your HSBC online session is in a "secured" environment.
Your Internet Banking Session for Internet Banking
Log on, Personal Identification, and Random Challenge Password Feature.
To make accessing your HSBC Bank Polska SA accounts more secure, we require that after obtaining your Personal Access Number, you create your personal identification question and response, and your password to log on to HSBC´s secured Internet Banking site. This information is then authenticated by HSBC´s system to verify your identity before providing account access. Your personal identification question and answer is a key element to differentiate HSBC from “phishing” sites. The random challenge password feature protects your password from being captured by keystroke logging tools that are planted into your home PC through virus attack.
Log On Attempts
For added security, we protect your online banking access by tracking the number of log on attempts. After a number of incorrect personal identification response attempts, we will disable your online access temporarily. You may either try to log on again after several minutes or contact HSBC to re-establish access by phone. After a number of incorrect password attempts, we will immediately disable online access. Should this happen, you will need to contact HSBC to re-establish access by phone.
Session Time-out
For your protection, HSBC includes a Session Time-out feature for your online banking session. If your Internet Banking session remains idle for a given time, your session automatically ends. This helps to protect your accounts from unauthorised access if your PC is left unattended or you have not logged-off from your Internet Banking session.
Your Internet Banking Session for HSBC Premier Customers
Log On and Password Feature
Each Business Internet Banking User Name, Password and Security Device is unique to the specific individual. The system of a personalised user name helps restrict access to your Business Internet Banking account. To benefit fully from this protection, you must ensure that your Business Internet Banking User Name(s) and Password(s) are kept secure and secret at all times.
Secure Email
To protect any private information you may send to us via email, HSBC provides a secure email feature within Business Internet Banking so that your correspondence and your information remains between you and HSBC.
Important Note: If your Internet Banking password has been compromised, please immediately contact us.
“Golden rules”
In our view, below rules offer good protection for the least amount of effort. By following these rules you will greatly increase your PC´s protection, not just when you use our Internet Banking services but when you use the internet generally.
They are not all the measures you can take, but are an excellent start. They are equally applicable to business owners and to private individuals:
Make sure you have the latest security updates & patches
From time to time, vulnerabilities are discovered in programs running on your PC. The publisher will then release a “patch” to correct this weakness. These weaknesses are regularly exploited by virus writers and hackers to gain unauthorised access to those PC’s that have not been patched.
To check for patches and updates you should visit the publisher’s website, typically in their Download section.
Microsoft users can visit: http://windowsupdate.microsoft.com which can automatically check what is required for both operating system and browser and then download it at your request.
Install anti-virus software
You may already be using anti-virus software but to be effective, the software should be updated on a regular basis with the latest virus definition files. If you are unsure how to do this, you should refer to the program´s Help function.
There are many effective programs to choose from, but the most common commercial products include McAfee, Symantec (Norton) and Sophos.
It is also possible to obtain free anti-virus protection. A search for “free anti-virus” on Google will provide a list of the most popular ones.
Use personal firewalls
A personal firewall is another program that helps protect your computer and its contents from outsiders on the Internet. When installed, it stops unauthorised traffic to and from your PC.
Read our password advice
Passwords are the key to your online account information. Avoid using the same password for different systems that are important to you. Doing so puts your money at risk should anyone discover this single password. For this reason, you are strongly advised to have a unique password for any services as critical as your Internet banking.
When choosing a suitable password, you might consider the following
Be different – Avoid using the same password for different services.
Don’t be personal – Do not be tempted to use passwords that can be easily guessed, e.g. children’s names, pet´s names, birth dates, telephone numbers.
Never write them down – We strongly recommend that you never write down or otherwise record your passwords. If, however, you feel that you have no alternative but to do so, you should ensure that you never write down or otherwise record your passwords in a way that can be understood by somebody else.
In any event, you should never disclose your Internet login details anywhere online except at your usual online banking website which should be accessed in the normal way and never via a link in an email.
Use an anti-spyware program
Spyware is the term used to describe programs that run on your computer for the purpose of monitoring and recording the way in which you browse the web and the internet sites you visit. For example, spyware can combine information about your online behaviour with that of many other users in order to generate market research data. This information can be bought and sold by companies interested in improving the way websites are designed and how the internet is used.
You may or may not wish for your internet usage to be monitored in this way. In addition, just as spyware can be used to improve the online experience it can also be used to extract personal information that you have entered, including passwords, telephone numbers, credit card numbers and identity card numbers.
Spyware is often loaded onto a PC as part of a free download of another service - for example a service that claims to improve the performance of your PC. Sometimes your agreement to the download is requested in the small print, but spyware may also be loaded onto your PC without your agreement or knowledge.
Spyware is not the same as a virus in that it only records what you do rather than altering how your machine works. Because of this, anti-virus software is not effective in identifying and removing spyware; you will need to download and run a specialised anti-spyware program.
Anti-spyware security software currently available include McAfee, Spybot Search and Destroy, AdAware, Spyware Eliminator, Spyware Doctor and Microsoft antispyware. We strongly recommend that you install and use a reputable anti-spyware product to protect yourself against spyware on your PC.
Please visit http://www.banksafeonline.org.uk for further independent information on this topic.
After logging in into the internet banking, do not leave your computer unattended, and after finishing your work – log off and close the browser.
Never disclose your data used for logging in anywhere on the net apart from your usual internet banking web page to which access should be obtained in a usual manner, never with the use of a link from an incoming electronic mail.
In addition, use of “bookmarks” or “favourites” mechanisms is not recommended, because there are mechanisms that can modify addresses stored there.
Never use internet browsers to find a page for logging in into the internet banking, because hyperlinks found in them may lead to false websites or websites containing viruses.
Check the dates of the last login and incorrect login into the internet banking system.
Call HSBC Bank Polska SA on hotline numbers if you have any doubts.
Hyperlink Policy
Hyperlinks from this Website to Websites outside the HSBC Group
This site may provide hyperlinks to other locations or websites on the Internet. These hyperlinks lead to websites published or operated by third parties who are not affiliated with or in any way related to the HSBC entity operating this website ("HSBC"). They have been included in our website to enhance your user experience and are presented for information purposes only. We endeavour to select reputable websites and sources of information for your convenience.
However, by providing hyperlinks to an external website or webpage, HSBC shall not be deemed to endorse, recommend, approve, guarantee or introduce any third parties or the services / products they provide on their websites, or to have any form of co-operation with such third parties and websites unless otherwise stated by HSBC.
We are not in any way responsible for the content of any externally linked website or webpage. You use or follow these links at your own risk and HSBC is not responsible for any damages or losses incurred or suffered by you arising out of or in connection with your use of the link. HSBC is not a party to any contractual arrangements entered into between you and the provider of the external website unless otherwise expressly specified or agreed to by HSBC.
Any links to websites that contain downloadable software are provided for your convenience only. Again we are not responsible for any difficulties you may encounter in downloading the software or for any consequences from your doing so. Please remember that the use of any software downloaded from the Internet may be governed by a licence agreement and your failure to observe the terms of such licence agreement may result in an infringement of intellectual property rights of the relevant software provider which we are not in any way responsible.
Please be mindful that when you click on a link and leave our website you will be subject to the terms of use and privacy policies of the other website that you are going to visit.
Hyperlinks from HSBC to Other HSBC Group Websites
We may also include hyperlinks to other HSBC Group websites for your convenience. The products and services offered on these websites may be limited to persons located or residing in only that particular jurisdiction. In addition, the content on these linked websites may not be intended for persons located or residing in jurisdictions that restrict the distribution of such content. The terms and conditions governing the use of the website of each HSBC Group entity may differ and you should consult and carefully read the applicable terms and conditions before using the website.
Hyperlinks from External Websites to this Website
You must always obtain the prior written approval of HSBC before creating a hyperlink in any form from a third party website to any HSBC website. HSBC may or may not give such approval at its absolute discretion. HSBC is not responsible for the setup of any hyperlink from a third party website to this website. Any links so set up shall not constitute any form of co-operation with, or endorsement by, HSBC of such third party website. Unless we advise you otherwise, any link to this website shall always be an active and direct link to our website and shall be made directly to the home or front page of our website only and that no "framing or "deep-linking" of our web page or content is allowed.
HSBC is not liable for any loss or damage incurred or suffered by you or any third party arising out of or in connection with such link. HSBC reserves the right to rescind any approval granted to link through a plain-text link or any other type of link, and to require the removal of any such link to any of the HSBC Group websites, at our discretion at any time.
IMPORTANT: By accessing this website and any of its pages you are agreeing to the terms set out above as well as the general terms contained at the "Legal" link.
Cancelled Documents
If any document confirming your identity is lost or stolen, go to the nearest bank branch cooperating with the Cancelled Documents System and submit an application for cancelling that document. Next, inform the nearest police station if the document has been lost as a result of theft, which will enable undertaking of activities aimed at obtaining a new document.
A failure to cancel any of the following documents, i.e. an ID card, a temporary ID card, a passport, navy service papers, military service papers, may result in unpleasant consequences for you. A person using unlawfully your data may by using them to obtain under false pretences a loan, borrowing, credit card, make a bank transfer, withdraw money from your account or sign other agreements that will be disadvantageous for you, that is why in order to limit the occurrence of similar situations an electronic system of exchange of information on Cancelled Documents has been created.
Your notification that a document is cancelled and thus eliminated from the turnover appears in the System almost in real time, therefore each minute is valuable and may even help to catch a fraudster.
More information may be found on the following website: www.dokumentyzastrzezone.pl
Payment Cards
Sign your card immediately after receiving it.
Never give your card to anyone.
Do not write down your PIN on the card or keep it together with the card. It is best to memorise PIN and destroy the letter immediately after receiving it.
Do not give the card number to persons who call you, even if they pass themselves off as employees of the Bank or the service point in which you executed a transaction. If it is you who initiates a call, give the card number and other data concerning the card only if you are sure that the interlocutor may be trusted.
Never write down the card number in a publicly available place.
When paying with the card, do not lose sight of it, and once the transaction is completed – take it back immediately from the shop assistant.
Always keep confirmations of the transactions being performed, including those not executed successfully. Check the correctness of executed transactions immediately after receiving the bank statement. If you notice any discrepancies or irregularities, file a complaint immediately.
Remember to destroy all documents containing the card number.
Always cover the ATM keypad when entering the PIN code (with your hand or wallet).
Save in your mobile or another secure place the telephone numbers for cancelling cards.
Cancel the card at the bank immediately after you notice its loss.
Never provide your card number or other data related to the card (e.g. PIN, CVC2 number) on insecure websites (e.g. offering brand-name products at exceptionally low prices).
Carry with you only those cards which you need and use regularly.
The most common place for thefts are public places, such as: cinemas, shopping centres, means of public transport. Outerwear or a handbag hanging on a chair also constitutes a temptation for thieves. Therefore, if such situation has taken place or you have been in the place which encourages theft, check if you have all your cards.
Do not reply to e-mail messages if you are requested to provide or confirm the information regarding your card and do not use hyperlinks contained in such messages. They may redirect you to a false website of the Bank.
When you receive a transaction confirmation in a restaurant, remember to put an amount in the “tip” field or to cross this field out. This will prevent an unwanted debit to your Card account.
If the transaction is executed with the use of an imprinter (in the case of embossed cards), remember to cross out empty fields in the form.
If a carbon paper was used to execute a transaction, remember to destroy it.
Execute the transactions on the internet only in well known and reliable online shops. If you use an online shop unknown to you, check its reliability – read its terms and conditions, call such website, check opinions of other users on various forums.
Before providing any personal data or card data, read the information on the transaction security and make sure that the data are transmitted over a secure connection. The easiest way to do it is to check whether the website address starts with https:// and whether the website has appropriate certificates - to do this double click the padlock in the right bottom corner of the browser.
Hotline numbers for Customers of HSBC Bank Polska SA:
HSBC Premier: 0 801 80 89 89 or (+48 22) 323 91 53
HSBC Business Direct: 0 801 80 80 90 or (+48) 22 323 99 51
