Internet Banking Security

• Our commitment to security
  • Our guarantee
  • We will
  • We will never
• Security measures we take
  • Encryption
  • Digital certificates
  • Scramble pad
  • Pay Any One payment
  • VerifID
  • Automatic session timeout
  • Audits
• Tips for safe Internet banking
  • Passwords and PINS
  • Other safe computing practices
• Free security checks
• Hoax emails and phishing sites
• Email employment scams
• Industry links
• When should you contact us?

Our commitment to security

Newcastle Permanent maintains an ongoing commitment to the integrity, availability and confidentiality of your financial resources.

Our Internet and telephone banking facilities give you the flexibility to undertake your banking at a time that best suits you.

To bring these facilities to you we use secure and trusted information technology and techniques that allow us to assure you that your finances are in the best possible care.

Our guarantee

Newcastle Permanent guarantees the integrity of your Internet banking and that you will not be liable for unauthorised transactions recorded against your account provided:

• You have observed the account Terms and Conditions;
• You have not by your actions or inactions contributed to the loss; and
• You conduct your Internet banking sessions from a PC with appropriate security software installed. Read more about safe computer practices.

We will

• Maintain the confidentiality and integrity of the information we hold for you.
• Continue to review, develop and protect all our resources with the best security and controls.

We will never

• Send you unsolicited emails regarding your financial affairs.
• Pass on your personal details including email address to anyone without your express consent.
• Ask you to divulge your password or access codes.

Internet banking - security measures we take

Our Internet banking system is secured by industry standard methods that ensure privacy of transactions during transmission.

Encryption

All communication between your browser and our secure Internet banking sites is encrypted using 128bit SSL encryption technology to ensure confidentiality of transactions performed on our site.

Digital certificates

We use Digital Certificates to ensure it is really us you are connected to. You can ensure that you are using our verified site by double clicking the padlock symbol (located at the bottom right hand corner of the window for most web browsers).

Scramble pad

To help protect information entered at your PC we have included the 'scramble pad' feature in our Internet banking logon page. Help with using the scramble pad is available from the Help button on the Internet banking logon page.

By using the scramble pad, you make it more difficult for key-logging viruses, which may have been inadvertently downloaded onto your PC, from compromising your access codes. Use of the scramble pad heightens the protection of your information and reduces the possibility of unauthorised transactions occurring on your accounts.

We are committed to ensuring the security of our online facilities. If you have any concerns regarding security, please contact our Member Support Centre on 13 19 87.

Pay Any One payments

We have reduced the maximum daily limit that applies to Pay Any One payments and Batch payments on Internet banking for both personal and business members respectively. This daily limit applies to the total value of Pay Any One payments from all accounts registered for Internet banking under the member number.

The reduced limit is a measure we have taken to reduce the risk of any potential losses should your Internet banking logon be compromised.

VerifID

Secure Internet banking is one of our ongoing priorities. That's why we've introduced VerifID, to make our Internet banking safer than ever.

How does it work?
The way it works is easy.  At the time of making some third party payment transactions you will receive an automated call to your nominated home, work or mobile phone and be provided with a "once only" VerifID code to complete your transaction. Read more about VerifID.

Automatic session timeout

Our secure Internet banking sites automatically log you out to reduce the risk of someone else accessing your account if you leave your computer unattended. We do however recommend that you use the logout function of the site as soon as you finish your Internet banking session.

Audits

Newcastle Permanent periodically commissions reputable external auditors to review security measures employed on the site.

Tips for safe Internet banking

To ensure your logon details are securely protected you should:

• Only access the Newcastle Permanent Internet banking site by typing the website address (URL) www.newcastlepermanent.com.au into the address bar on your browser.
• When logging on always enter your access code using the scramble pad on the logon screen.
• Always check that the locked padlock icon is displayed in the bottom right-hand corner of your browser window and a valid digital certificate is issued to the site. The URL in the address bar must start with https:// (please note the "s" after http). The locked padlock icon is displayed in your browser window.
• Care should always be taken when using a computer for financial transactions in public places such as Internet cafes, educational institutions, libraries, airports, hotels, etc. Do not respond if you are prompted to save logon details.
• Never click on a link or respond to an email that asks you to divulge your personal or account information. Newcastle Permanent will never send you unsolicited emails regarding your financial affairs.
• Never leave your computer unattended when connected to our secure Internet banking site. Make sure you logout of the site specifically when you finish your Internet banking session.
• Click the logoff icon and close your browser when you exit the site.

Passwords and PINS

Your password or access code is the key that allows you to access information that only you should be able to access.

• Do not use password or access codes that can easily be identified as belonging to you, such as your phone number or birthday.
• Do not write your access code or password down or store it in your computer or wallet.
• Do not tell anyone else your password even if they claim to be from Newcastle Permanent.
• Change your access code or password frequently and make it different from the last one you used.
• If you think someone else has access to your access code or password you should immediately change it. If there are suspicious transactions that indicate someone else has been using your account, please contact our Member Support Centre on 13 19 87 immediately.

Other safe computing practices

The Internet is a great way to communicate, share information and do business but it is not tightly controlled. This means there are a number of threats that can potentially cause problems for you when using the Internet. We recommend the following measures to increase your Internet security.

• Operating system, browser and software updates. Keep up to date with software fixes (also known as 'patches' or 'security updates'). Using a current web browser will maximise your security.
• Anti-virus protection. Ensure that your computer has an up-to-date anti-virus protection program to detect and remove viruses. Also consider SPAM email filtering.
• Anti-spyware protection. Use a current anti-spyware protection program to detect and remove spyware from your computer.
• Firewall. Use a firewall to prevent unauthorised users from gaining access to your computer or network.
• Use extreme caution when accessing our secure sites from a public or shared computer such as those at Internet cafes, libraries, airports, hotels, etc. If you need to access a shared computer we recommend that you follow these steps to protect your privacy:
  • Ensure no one standing behind you is looking over your shoulder while accessing our site.
  • Logout of the site as soon as you finish your Internet banking session.
  • Close the browser by clicking on the 'X' icon, usually located at the top right-hand corner of the screen.
  • Verify that the last logon time corresponds with your last Internet banking session when you next logon to the site.
  • Change your password or access code as soon as possible when you next logon at a trusted secure computer.

Please note we have included the above information to help you get started. Always use your own computer support provider to help you configure your computer in the most secure way.

Free security checks

There are many different types of security software available that perform different functions. To help you, we have provided links to some software providers*.

Symantec Security Check:
symantec.com

McAfee Freescan:
us.mcafee.com

Hoax emails and phishing sites

Fraudsters have been known to set up copies of banking sites with the purpose of capturing personal online banking logon details. They then send out an email that instructs the recipient to visit the website and logon in order to verify details.

Unfortunately, when people enter their details into these sites the information is recorded and the fraudsters use it to transfer funds out of the real online banking facilities.

These websites and emails will often look legitimate so being able to identify a fake email from a real one can be a little difficult. Here are some things to consider:

• These emails may be headed 'Dear Newcastle Permanent user'. We know who you are so we'll always greet you personally, while fraudsters are unlikely to know your name. Members are advised not to click on any links, open attachments or enter any personal information.
• The message is in no way associated with the Newcastle Permanent and we have a policy to never solicit security information via email or ask members to follow Internet links. We will never send you emails asking for your Internet or telephone banking security details.
• Members should only access Newcastle Permanent's Internet banking site by typing the website address www.newcastlepermanent.com.au into the address bar on their browser.

Please disregard any email that advises you to access our site and provide any of your personal details. Instead, delete the email immediately.

If you have concerns because you received a suspicious email from Newcastle Permanent, please do not hesitate to contact our Member Support Centre on 13 19 87 to verify the details.

Email employment scam

Victims of these scams are asked to provide their bank account details to prospective employers with the view to facilitate transfer of funds to overseas parties. In return the victims are compensated by a commission payment. However, the funds transferred have been obtained fraudulently. Do not provide bank account details to any prospective employer until you are satisfied that the employer is genuine and/or you have signed a contract of employment.

When should you contact us?

Please phone 13 19 87 and ask for our Fraud Department immediately if you suspect your personal details may have become known to others or if you believe an unauthorised transaction has been performed on your account.