Online Security

 

Online Security


It’s easy to become complacent. We live in a world of constant online updates, and password paralysis can set in when we’re faced with yet another sign-in page. But that’s no reason to let our guard down when it comes to banking online.

 

Protect yourself

  • Maintain an adequate level of anti-virus software on your computer
  • Take your time – If you receive an unexpected email, text, or phone call, requesting money or sensitive information, don’t rush to act on it
  • Delete emails and attachments if they seem suspect – it may be a virus!
  • Beware of emails with ‘friendly’ headings from addresses you don’t recognise
  • Set your spam email preference as high as possible

We will never send you an unsolicited email requesting password or security information. If you ever receive an unsolicited email claiming to be from us, or from another Financial Institution, requesting that you click on a link or provide personal information, it may be a scam so check with us before you respond.

BPAY Security Alert


BPAY have issued a security alert regarding potential fraudulent activity at both Biller and Payer institutions. This could result in BPAY Payers and Billers being compromised.

 

BPAY have advised that:

  • A Payer accounts is compromised
  • A BPAY payment is made to pay for goods via Internet or phone banking, this payment is significantly higher than the actual value of the goods
  • The fraudster then contacts the Biller they have made an overpayment and request the overpayment be returned via direct entry to a different BSB & account number
  • The Biller processes the payment outside of the scheme not using the BPAY error correction process

Should you become aware of potential fraudulent activity through BPAY, please contact one of our Member Services Officers.

Browser Compatibility Check | Securing Online Transactions


Disabling TLS 1.0 and 1.1.

In April 2015, the PCI Security Standards Council released the v3.1 update to the PCI DSS standard. This standard update excludes Secure Sockets Layer (SSL) 3.0, TLS 1.0, and some ciphers supported by TLS 1.1 from protocols supporting strong cryptography. This means the Council wants us to discontinue support for those protocols or ciphers, ensuring your ongoing security.

Transport Layer Security (TLS) is a protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, TLS ensures that no third party may eavesdrop or tamper with any message.

Currently, only the following minimum versions of browsers support TLS 1.2.

To ensure you can access Digital Banking you must use the following supported browsers/devices below.  Devices/browsers older than the versions below are no longer supported and vulnerable to security exploits and cannot be supported by our applications.

  • Google Chrome (desktop & mobile) – version 30+
  • Mozilla Firefox (desktop & mobile) – version 27+
  • Microsoft Internet Explorer (desktop and mobile) – version 11+ or Edge)
  • Apple Safari (desktop only) -version 7+
  • Apple Safari (mobile only) – version 5+  NOTE: browser version in line with iOS version (i.e. Safari mobile v5 = iOS 5)
  • Android Browser (mobile only) – version 5+  NOTE: browser version in line with Android OS version (i.e. v5 = Lollipop/v5.0-5.1.1)
  • Opera – v17+

All browser versions earlier than these will be unable to access Dnister’s digital systems.

 

ATM and Card Security


You may have heard these before, but we think it’s better to be safe than swindled.

Smile for the camera

  • Cover the keypad as you enter your PIN into an ATM
  • Use a different ATM if it appears to be damaged and notify the owner if possible
  • Change your PIN regularly – but don’t use a PIN that easy for others to guess (like your date of birth)

Swipe away safely

  • Check your transactions daily via our App or Internet banking
  • Reduce the daily limit on your card to suit your needs, or maintain only the required amount in your transactional account.
  • Advise Dnister in advance of any international travel
  • If you suspect any transactions that do not belong to you contact Dnister immediately.
  • Do not write your PIN anywhere