How we protect you

You can add an extra layer of advanced security in our app.

'Biometric authentication' means using your face or voice to let us know it's definitely you and not a fraudster. For example, when you're setting up a new payee or updating your personal details.

This is different to using your device's face identification to log into our app.

It's a simple and more secure way of managing your money. You can find out how to set up biometrics with our guide.

We check the name, sort code, account number and type of account you intend to pay. To give you greater confidence you're paying the right person.

We use the latest technology and profiling systems to help us identify any suspicious activity on your account. Our colleagues are trained to spot suspicious payments and we will contact you immediately if we do. 

When you log into our Digital Banking service, on a lot of browsers you’ll notice that the address bar (which starts ‘https://’) turns green. This shows that the website has an extra level of security.

See our guide to find out more about our Secure Banking Promise and rules around Authorised Push Payment (APP) scams. 

• We will send you a text or a push notification when you create or update a payee using online or mobile banking with some details of the update.
• We send you either a text, push notification or email you when you have updated your personal information, like your address, and advise us how to contact us if this isn’t right.
• Sometimes we will send you updates via email, which might be about your account or about new products that might interest you. We will never send you a link to a login page for your online banking.
• If we send you a text message or push notification, we will never include a link to login pages.
• Where we are concerned about a payment being made on your account, we may contact you either by text message, push notification or a phone call (using your most up to date mobile number) to alert you to any suspicions we have. This may require you to respond and confirm whether the transaction was genuine or not.

In-app call is a secure feature that allows you to make voice calls directly from within our app. The call is made over internet, compared to traditional phone lines. You’ll need a stable internet connection to make the call.

You can find out more in our guide.

We use OTPs to help keep you safe from fraud. An OTP is a unique 6-digit code that may be sent to your mobile number. 

• Never share your OTP with anyone.
• It's important that you keep your mobile phone number up to date.

• If they have any suspicions, or if the call doesn’t feel right, call us back from an independently verified phone number (such as the number on the back of your bank card).
• We will never contact you and ask you to disclose your online banking PIN or password.
• We will never ask you to disclose card reader codes, app passcodes or activation codes.
• Never transfer money from your account, either online or in branch, after being instructed to do so, even if that person claims to work for the bank.

• You can access a full list of contact numbers including international numbers for our dedicated fraud and scams teams on our website.