At HSBC we use industry standard security technology and practices, focusing on three key areas to safeguard your account from any unauthorised access.
We use industry standard encryption within our Internet Banking services
When you log in to Internet Banking you are said to be in a secure session . You know you are in a secure session if the URL address begins with https:// or a padlock symbol appears in the lower right hand corner of your browser.
Secure Sockets Layer (SSL) Encryption technology is used within your Internet Banking session to encrypt your personal information before it leaves your computer in order to ensure no one else can read it. Depending on your browser setting, a pop-up window will appear to notify you that you will be entering a secured page.
At HSBC, we use 128-bit SSL Encryption, which is accepted as the industry standard level.
Any email service within Internet Banking is similarly protected with encryption technology (unlike your regular email which is usually not secure).
Session Time out
If you forget to log off after banking online, or your computer remains inactive for a period of time during a session, then our systems automatically log you off. Pages viewed during a secure session are not recorded in your PC's temporary files.
We use many layers of security – for obvious reasons we cannot disclose all of them -- but the following are typically used:
HSBC is introducing one time password security devices. For more details visit our Security Device page.
We use log-ins and passwords to make sure we are dealing with you
Online access to your account is only possible once you have authenticated yourself using the correct Internet Banking ID and password, or security device code. For this reason, it is vital that you do not share your password or your security device code, and do not use the same password for other services (e.g., Yahoo, Hotmail, etc.)
Automatic Lock out
After a number of incorrect attempts to log in, we disable online access to your account. To re-activate your account, you should contact your usual helpdesk number.