You should observe the following practices to help secure the confidentiality and integrity of your Password and OTPs, personal details, and other confidential data. These will help mitigate the risk of unauthorised transactions and fraudulent use of your accounts, and reduce the chance of unlawful parties observing or stealing your access credentials or other security information with a view to obtaining unauthorised access to your online accounts:
(a) Take the following precautions with your Password;
- Passwords should be at least 8 characters of alphanumeric mix;
- Passwords should not be based on guessable information such as your username, telephone number, birthday, or other personal information;
- Passwords should be kept confidential and not be divulged to anyone;
- Passwords should be changed regularly or when there is any suspicion that your online identity has been compromised or impaired; and
- the same Password should not be used for different websites, applications, or services, particularly when they related to different entities.
(b) Do not select the browser option for storing or retaining username and password;
(c) Check the authenticity of our website by comparing the URL and our name in its digital certificate or by observing the indicators provided by an extended validation certificate;
(d) Check that the website address changes from ‘http://’ to ‘https://’ and a security icon that looks like a lock or key appears when authentication and encryption is expected;
(e) Check your account information, balance and transactions frequently and report any discrepancy;
(f) Install anti-virus, anti-spyware and firewall software in your personal computers and mobile devices;
(g) Update operation system, virus and firewall products with security patches or newer versions on a regular basis;
(h) Remove file and printer sharing on computers, especially when they are connected to the Internet;
(i) Regularly back up critical data;
(j) Consider the use of encryption technology to protect highly sensitive or confidential information;
(k) Log off each and every online session;
(l) Clear browser cache after each and every online session;
(m) Do not install software or run programs of unknown origin;
(n) Delete junk or chain emails;
(o) Do not open email attachments from strangers;
(p) Do not disclose personal, financial or credit card information to little-known or suspect websites;
(q) Do not use a computer or device that cannot be trusted; and
(r) Do not use public or Internet café computers to access online services or perform financial transactions.