This webpage sets out the security information of the electronic banking (“e-banking”) Services offered by Bank of China (Hong Kong) Limited ("BOCHK"), Nanyang Commercial Bank, Limited ("NCB"), Chiyu Banking Corporation Limited ("Chiyu"), BOC Credit Card (International) Limited ("BOC Credit Card") and Po Sang Securities and Futures Limited ("Po Sang") (each named as "the Company"). e-banking services refers to banking services delivered over the internet, wireless network, ATMs, telephone network or other electronic network, terminals or devices, including but not limited to the Company’s Internet Banking, Mobile Banking, Phone Banking, Automated Banking, WeChat official account, online services of BOC Credit Card and online futures trading services of Po Sang.
Latest / Important Security Information
- To safeguard your online banking security, verification code is required in Internet Banking / Mobile Banking login. During the Internet Banking / Mobile Banking services login process, customers are required to input the Internet Banking No. / User name and Internet Banking Password as well as a Verification Code.
- Customers are reminded not to log into Internet Banking or mobile banking through hyperlinks or QR Code embedded in any third-party websites, mobile Apps, emails or SMS. To ensure secure transactions, customers should input directly the website address of the Company into the browser address bar when logging into Internet Banking or mobile banking services.
- Customers should be aware of the obligations in relation to security for e-banking services including observing and following in a timely manner the “Conditions for Services” and the relevant security measures specified from time to time by the Company for the protection of customers.
- Customers should be responsible to take reasonable steps to keep any device (for example, personal computers, security devices that generate one-time passwords and smart cards that store digital certificates) or secret code (for example, Internet Banking password and phone banking password) used for accessing e-banking services secure and secret, including but not limited to:
- destroy the original printed copy of the secret code;
- not to allow anyone else to use their secret code;
- never write down the secret code on any device for accessing e-banking services or on anything usually kept with or near it; and
- not to write down or record the secret code without disguising it.
- If a customer acts fraudulently or with gross negligence such as failing to properly safeguard his device or secret code for accessing the e-banking services, he will be responsible for any direct loss suffered by him as a result of unauthorised transactions conducted through his account.
- Customers will be liable for all losses if customers have acted fraudulently. Customers may also be held liable for all losses if customers have acted with gross negligence (this may include cases where customers knowingly allow the use by others of their device or secret codes) or have failed to inform the Company as soon as reasonably practicable after customers find or believe that their secret codes or devices for accessing the e-banking services have been compromised, lost or stolen, or that unauthorised transactions have been conducted over their accounts. This may apply if customers fail to follow the safeguards set out above if such failure has caused the losses.
- Customers are reminded to stay vigilant to anything abnormal when logging into e-banking services (e.g. unusual pop-up screens, unusually slow browser response, multiple requests for password input etc).
- During the e-banking logon process, the Company will not request customers to enter any numbers to their security device to obtain security code. In case of doubt, please do not follow the instructions of the suspicious web page or input any data. Customers are advised to terminate the operation of e-banking services immediately. Please contact the Company in case of any enquiry.
- Customers should keep their personal information secure. The Company will not enquire customer's personal information, e.g. user name, password, one-time password or other account details by email, SMS or phone.