Bank data safety system
Safety of transactions in the electronic environment depends on all involved parties and their cooperation. The Bank provides comprehensive safety of the Internet Bank system MultiNet and communication channels by encrypting data transmission as well as offers to the Client safe authentication by applying a two-factor mechanism - password and, additionally, plastic code card or digital code calculator (DigiPass); yet, the Client needs to take care for safety of his or her passwords and private access devices as well as deliberate activities by verifying the authenticity of the Internet Bank system MultiNet.
Recommendations for safe using of the Internet Bank system MultiNet
User name and password are means of the Client's identification in the respective information system. If the Client enters them in the information system correctly, the system is aware of information permitted for access to the user, activities allowed to the Client in the system, and conditions that have to be applied to the user. Disclosing of means of identification to other persons may result in loss of the user identity and material values; therefore, they should be stored in a safe place.
In order to provide safety of the password, the following recommendations shall be considered when choosing and using the password:
- The password has to consist of 8 symbols at least. The longer the password, the safer it is.
- Choose upper-case and law-case letters and digits for your password.
- Password should contain at least 2 letters and at least 2 digits.
- Do not use as the first symbol an upper-case letter in your password and do not use digits at the end; do not use in your password any word available in dictionaries and other significant combination, e.g., data of your birth, license plate number, pet name, etc.
- To make the password easier to remember for yourself, use keyboard key combination that is well-known for you; do not choose combination of keys which stand next in the same row.
- If you have to write the password down, keep it as safe as your credit card or - which is even better - use some of password administration tools, e.g., KeePass etc. Download them from authentic internet home pages only.
- Do not keep the written down user name (in the Internet Bank system MultiNet referred to as the Login), password and code card or code calculator in one place.
- Do not use the same password in many internet resources. If the password will get compromised in one of them, villains will have the possibility to use it in other internet resources with your user account as well.
- Immediately change your password if:
1. You had to use your password in unknown and/or unsafe computer;
2. You are in suspicion that some other person is using the User password.
- Do not save the password in an internet browser on computer, in smartphone, tablet, or in a computer joint-use user profile. Assess the computer safety carefully if you want to save the password in your user profile in an internet browser;
- Change your password on regular basis because you can never be absolutely sure that nobody has compromised it already. The maximum validity period of a MultiNet online banking password is 180 days. Thereafter, the system will request the password to be obligatory changed. We advise you to change the password more frequently if you use it in non-secure environment, or on someone else’s computer.
Safety of work with DIGIPASS the device
DigiPass GO-6 USER MANUAL
Safety of the private device
In the virtual environment, the Client can be sure only about his or her safety and credibility level of his or her own private device; and, to make the device safe, the following recommendations need to be considered:
- In the device, use the user private profile accessible with password that is known to the Client only.
- In the device, use only software supported by its manufacturer; and, it shall be installed from an authentic source.
- Install all safety patches on all programs installed in the device as soon as such patches are available for downloading in the supporter's internet home pages.
- If you do not use any program, it shall be uninstalled.
- Use antivirus software in the device. Better protection is guaranteed by software which provides not only blocking of known viruses but also identifies new viruses by its heuristics, is able to check e-mails and block data flow during internet surfing as well as informs the user about occasions of phishing. However, it shall be considered that no antivirus program can identify absolutely every virus; therefore, use internet with caution and think over each click offer.
- Switch on an internet fire-wall in computer network, to which the device is connected, in the device itself and configure the fire-wall in way that it permits through-flow of data needed for activities performed and authorized by the Client only.
- Do not use user details with administrator's rights in ordinary routine. It will advert and reduce the virus impact if any will still appear.
- Do not let any other person to use your device without supervision.
Solution Proposals to Protect Your Computer
Communication of the Bank with the Client
- The Bank contacts the Client by using official communication channels - safe communication method in the Internet Bank system MultiNet, e-mail address info(abols)industra.finance, or by sending SMS (sender's number is shown as "Industra"), e.g., reminder about expiration of validity period of the bank card.
- In separate occasions, a bank employee may contact the Client directly using the employee's bank e-mail; yet, since such way of communication is not safe, it's used only when coordinated with the Client and for sending of general information disclosure of which cannot harm the Client.
- Herewith we inform that the Bank employees are prohibited to contact the Client by using their private e-mail, the address of which does not contain @industra.finance!
- The Bank will inform the Client about fraudulent transactions (incl. potential) or warn the Client about an experienced attack (for example, phishing e-mail notifications) by using the official communication channels of the Bank.
- The Bank will never call you, will not send an e-mail and will not ask for providing of your Client details in the Internet Bank system MultiNet or credit card data either verbally or by sending over, or by entering in any internet home page except http://www.industra.finance/. Such occasions shall be classified as social engineering incidents and you are kindly asked to give a respective notice to the Bank immediately!
- In addition, you are kindly asked to notify the Bank in case of suspicion about any fraudulent payment, incidents or deviations during internet payment service session. The Bank will reply to you in one working day.
Verifying of authenticity of the Internet Bank system MultiNet
In order to verify authenticity of the Internet Bank system MultiNet, pay attention to the following:
- Address https://www.multinetbank.eu/
- We always use the https protocol, which you can see in the beginning of the address, and it means that the connection is encrypted.
- The home page of the Internet Bank system MultiNet has safety certificate verified by the VeriSign.
- Keep safe not only the password of the Internet Bank system MultiNet but the user code as well in order villains cannot block it and make the Internet bank unavailable to the Client.
- When you have finished your work in the Internet Bank system MultiNet, press the Exit button and close the internet browser.
- In case the Client uses an unknown device, he or she shall take into consideration risks of spy software installed in this device or devices that disclose the Client passwords, copies the Client files, registers all activities and hands it all over to a villain who is able now to act in the name and on behalf of the Client by using all obtained information or rights.
- It shall be taken into consideration that information processed by the Client may be stored on an unknown or public computer!
- If the Client receives an e-mail from a known institution or a person that surprises the Client or rises questions, please, do not hasten to open the e-mail attachments or documents placed in internet links given in the e-mail; instead, contact the sender by phone or using other means of communication in order to clarify the authenticity and aim of the e-mail.
- Do not install on your computer programs intrusively offered in internet as very useful or necessary for further work because they will be a malware most believably.