Chinabank Online Security Center

ONLINE BANKING

We know that protecting your personal online and account information will help you achieve your financial goals. Our fraud prevention teams use technologies and industry-tested processes and procedures to provide layers of defense to protect you against electronic fraud. Please read to learn more about what we are doing to protect you and how you can protect yourself.

Safe Online Experience

Encryption

China Bank Online implements TLS (Transport Layer Security) encryption technology that will protect your confidential information. You will know that you are using encryption if the website address begins with https:// and you see a closed padlock beside the URL.

Firewall & Intrusion Prevention Systems

The Bank has put in place security controls that are consistent with industry best practices to protect our online banking infrastructure. Among these controls are state of the art firewalls, intrusion prevention systems and other security technology that aims to safeguard against potential malicious activities.

Transaction Authentication

For your online financial transaction to proceed, China Bank Online Banking requires you to enter your nominated ID and your transaction password (separate or different from your Login password). This is for your added protection since every financial transaction is being duly authenticated and authorized.For your Auto-Credit Arrangement (ACA), Transfer to 3rd Party Accounts, Inter-Bank Fund Transfer, and PESONet transactions initiated in China Bank Online Corporate to proceed, you will be required to enter the system generated One Time Password or OTP, which is different from your login OTP.

Automatic Time Out

To reduce the risk of unauthorized access to your account, our system will automatically log you off from your online session after a period of inactivity.

Secure Login

Aside from your nominated User ID, China Bank Online Banking requires a strong password. For China Bank Online Corporate, aside from your comapny's Corp ID, your nominated User ID and password, China Bank Online Corporate requires you to enter the OTP to complete the login process.

Enrollment of 3rd Party Accounts in China Bank Pnline Corporate

To ensure that funds are transferred to intended recipient, enrollment of the transferee account is required for Transfer to 3rd Party Accounts, Inter-Bank Fund Transfer, and PESONet.

China Bank Online Banking has policies and procedures in place to help prevent the misuse of data and to reduce the risk of fraud:

Ensures that only those employees who are servicing accounts have access to your data.
Employs segregation of duties for certain high value transactions.

Practices & Security Assessments - The Bank regularly conducts extensive vulnerability assessment, penetration testing, and attack simulations on our critical systems to proactively find and remediate vulnerabilities. This includes the following:

Independent ethical hacking reviews conducted by outside security firms.
Ongoing scanning and monitoring to protect against known security risks.
Application vulnerability assessments.
Internal security assessments and use of technology to monitor and maintain a safe and stable environment.

Employee Training

Our employees undergo regular mandatory security training.

Online Fraud Protection

While we work constantly to make sure your online banking transactions are secure, we know that unauthorized online access may occur. We are committed to investigate and provide you our resolution to your concerns without delay should that happen.

Effective Online Fraud Protection can only be achieved if both you and the bank help make sure your information remains secure:

Safeguard your username, passwords and account access information. These are private to you - Never reveal them to anyone.

Review your confirmations, statements, account activity and other communications from China Bank Online Banking diligently. Enlist in electronic delivery of communications for timely notifications of transactions and/or account alerts sent to your email address on file.

Report any errors, discrepancies or suspected unauthorized activity in any of your accounts promptly by calling our Customer Contact Center Hotline at (02)888-55-888 Available 24 hours a day, 7 days a week.

For Customers in the provinces, dial our domestic toll-free numbers:

1-800-1888-5888(PLDT)

For Customers outside the Philippines, dial our international toll-free numbers:

001-800-1-888-5888(Hongkong)
00-800-1-888-5888(Italy)
001-800-1-888-5888(Singapore)
011-800-1-888-5888(USA)
0011-800-1-888-5888(Australia)
011-800-1-888-5888(Canada)
00-800-1-888-5888(China)
010-800-1-888-5888(Japan)
0061010-800-1-888-5888 (Japan Mobile Phone / Payphone)
001-800-1-888-5888(Korea)
011-800-1-888-5888(Thailand)

Inform our Customer Contact Center or your preferred branch account office when mailing addresses, email addresses, contact number or mobile number needs to be updated.

Secure your computer with anti-virus, anti-spyware, similar protective software and firewalls. Do not access your China Bank Online Banking account from public computers (e.g., hotel business centers, airport kiosks or similar locations).

Keep yourself protected by checking our suggested DO'S and DONT'S (Protect Yourself).

Protect Yourself

Achieving the highest level of security requires your committed effort to protect your personal information.
To ensure that your account information remains secure:

Protect Yourself

1.DO'S

Review your bank account statements regularly.
Enroll to be alerted of activities on your account.
Use unique passwords to access your account.
Keep informed of current cybersecurity threats.
Close all your browser sessions and launch a new one prior to accessing your online banking account.
Always check and ensure the correct online banking URL is indicated in your browser before entering
your username or password.
Always logout after completing your online transaction.

2. DONT'S

Respond to emails or SMS messages asking for personal information.
Include personal information in your outgoing emails or text messages.
Share your user names with anyone
Browse other websites while accessing online banking.

Protect Your Devices

1.DO'S

Access Online Banking ONLY through a trusted and password protected network
Keep your antivirus/malware protection software up to date.
Install security patches and keep your Operating System and Browsers up-to-date.
If you do not currently have anti-virus software, you should consider buying and installing some as soon
as possible.
Maintain firewall to prevent unauthorized access. A firewall is a security application that sits between
your device and the Internet shielding your device from unauthorized access.
Keep all your devices' password or PIN protected.
Remove file and printer sharing when the device is connected to the Internet in an untrustworthy environment.
Follow Public Safe WiFi practices

Enable your firewall
Use HTTPS whenever possible
Consider using a VPN
Turn off sharing. Don't make your WiFi public
Choose your Network wisely
Forget the network after you are done using it
Turn WiFi off when you are not using it

2. DONT'S

Install software or run programs of unknown origin. Only download from trusted sources.
Store or retain username and password when prompted by the browser as an option.
Leave your device unattended.
Use shared devices for conducting confidential financial activities.

Social Engineering

Social Engineering is an act of influencing people to reveal confidential or their personal information to gather even further information or gain illegal access to a system and the information inside that system for the end purpose of committing fraud.

There are several types of social engineering. The most common of which are pretexting (use of invented scenarios), baiting (use of free item to attract victims), quid pro quo (similar to baiting but uses service instead of an item), tailgating (or "piggybacking" - gaining access to a restricted area by closely following one who has legitimate access) and phishing.

Phishing refers to fraud emails sent by syndicates to customers with the message that their China Bank Online account is either locked or suspended or the system has been upgraded and customers have to unlock or reactivate their accounts by clicking on a link provided. Once customers click on the link, they are led to a site that asks them to input their user name and passwords which the syndicate then uses to make unauthorized transfer from the account.

The best way to protect yourself against social engineering is to always be AWARE.

Ask yourself first before you post anything in social networking sites―birthdays, addresses, contact numbers, family, job, schedules, travels, location, affiliations, "likes" or anything that can be used for identity theft, whereabouts tracking or fraud perpetuation.

Watch out for unexpected/unexplained/unusual calls or emails. Confirm authentiicity of anyone with whom you communicate―get contact number from your card, statement, etc., and be wary of the information you share.

Always check your privacy settings on social networking sites.

Refrain from clicking on links embedded in emails and be particularly conscious of embedded links, emails or text messages that ask for password verification.

Ensure that your personal information are disclosed only to those whom you intend to share it with―people or organizations that legitimately require these information.