Personal
Security Centre
How we protect you

Our security measures

How we protect you

On this page

Malwarebytes Premium Open in new window

I've received a replacement debit card Open in new window

What is Confirmation of Payee (CoP) Open in new window

Our Secure Banking Promise Open in new window

Robust controls Open in new window

Independent and industry testing Open in new window

What is Natural Language Call Steering (NLCS) Open in new window

Report fraud Open in new window

We protect you and your computer in many ways

We take security seriously, here are some of the things that we do to help keep you safe and secure when banking with oursleves

Malwarebytes Premium

We’re committed to helping you stay safe and secure online and are continuously investing in new fraud prevention tools and the latest security technology to keep you protected online.

That’s why we’re offering Malwarebytes Premium to our customers free of charge until at least May 2024.

Protect your online and mobile devices for free with the latest software.

Find out more Open in new window

Replacement debit card

We are always working to protect your account from fraud. Occasionally we might send you a new debit card to ensure your account remains safe and secure.

Why have I received a replacement debit card that I haven’t requested and before my existing card has expired?

We proactively issue replacement cards when there is a risk that the details of your existing card have been compromised.

We act quickly to get a new card delivered whilst your existing card remains active with the aim of protecting your account whilst minimising inconvenience to you.

Your new Debit Mastercard®

As we’re switching to Mastercard all our customers will receive a replacement card in new designs. Please visit our dedicated webpage to find out more.

What should I do next?

Start using the new card straight away, with your existing PIN. We’ll cancel your old debit card shortly.
Check your transactions on the Mobile app, Online banking or your regular statements.

If you see a transaction you don’t recognise you can find more information about the retailer and how to report fraud here.

If you want more information about managing your debit card you can find it here.

How do you know my debit card details are at risk of being compromised? Can you tell me how it happened?

Our fraud systems are constantly looking for indications that card details have been compromised. Once detected we do everything necessary to protect your account and one of the steps is to replace your card.

There are several ways your card details could have become compromised or known to another person. A shop you have used online may have lost some of their customer details; another individual may have simply copied your details; or you may have used your card in a shop or at an ATM that had a card skimming device attached to it. These are just a few examples.

Although we can’t tell you exactly how or when your card details might have been compromised, rest assured we are committed to protecting your account from fraud.

How can I protect myself from fraud and scams?

You can find useful information in the Fraud Guides about the more common ways that fraudsters target personal information as well as tips for safer shopping. In summary, we recommend that you:

Watch out for fake ads. Criminals can set up adverts that lead you to dodgy websites, stealing your card details. Use well-known retailers only and type the full web address into a new internet tab instead of clicking on ads.
Ensure you have up to date anti-virus software on your device. We offer Malwarebytes free of charge, you can find more information here.
Research and consider whether the retailer is trustworthy before making a purchase with card details.
Check the retailer website is secure – look out for 'https' or the padlock icon in the address bar.
Never reveal your card reader code or text message passcode to anybody, and never approve a payment in your mobile app that you haven’t made. If somebody is asking you to do any of these things, it’s a scam.
The bank or any trusted organisation will never ask you to move your money to a new bank account or ask you to hand over your bank card and PIN to ‘keep it safe’ or to ‘support a criminal investigation’ - this is a scam.
Stay alert to unexpected phone calls, texts, or emails from anyone claiming to be from the bank or other trusted organisations asking you to disclose or update your contact details. We recommend that before progressing, you should contact the organisation directly on a number or email you trust to ensure the request is coming from a genuine source.
If you’re worried about a fraud or a scam, remember you can call us using the number on the back of your debit card. Consider storing this number in your phone to make it easy to access, or dial 159 to be securely directed to us.

Why have I received a Debit Mastercard® instead of a Visa

We’re switching to Mastercard and all our customers will receive a replacement card in new designs. Please visit our dedicated webpage to find out more.

How can I keep my new Mastercard safe?

Your new card will work in the same way and nothing on your account will change as a result. We won’t be asking you for any personal or financial details, so watch out as these could be a scam. Take a look at some of the tips below to keep your card and account safe and secure.

If your address changes you should tell us immediately and ask Royal Mail to redirect your post. If other people have access to your post, consider collecting it from a local branch.
If you need to update your new card details with any retailers, make sure you go to their website directly and do not rely on links in emails to access their website. If you do, this could be a scam.
When updating your Apple or Google Pay, make sure to do this directly via the digital wallet features on your phone. If you receive an email asking you to do this, it could be a scam.
You need to make a PIN payment to activate your new card, always remember to cover your PIN when you’re using your card in a shop or at an ATM, and never divulge your PIN to anyone. Report any lost or stolen cards or compromised PINs to the Bank immediately.
You should always report any lost or stolen cards to us straight away. You can turn off features, such as contactless, and freeze your card if you have lost it by personalising your card controls within our app.

Confirmation of Payee (CoP)

Whether you’re paying a company, a friend or your dog walker, you want to be confident the payment you’re making is sent to the right person.

That’s why we’re introducing Confirmation of Payee (CoP); a name checking service that checks the name of the account holder you intend to pay - along with the sort code, account number and account type (Personal or Business) - against the details held for that account, giving you greater confidence you’re paying the right person. While many UK banks will be introducing CoP, they may launch this service at different times. So it’s also really important anyone who needs to pay money into your account knows your first and last name as it appears on your bank account.

Why are we doing this?

Our priority is to keep your money safe and secure. We’re introducing this name checking service to help protect you from so called “authorised push payment” scams. These are scams where people are tricked into sending money to criminals, who often pretend to be people they are not. It will also help avoid simple mistakes like mis-typing account details when you set up a new payment

How does this work?

When you set up a new payment using online banking or the mobile app, the account holder’s name will be checked against the account details held with their bank. We’ll then tell you if the details you’ve entered match, giving you more confidence you’re paying the right person

Secure banking promise

Whether you’re banking online or using our Mobile Banking app, rest assured you are protected by our Secure Banking Promise.

We'll refund any money paid out of your account by a fraudster, as long as you’ve kept your security information safe

We'll protect you 24/7 by monitoring your account and using the latest technology to keep you safe

We'll help you protect yourself with tips on staying secure and free tools for extra protection

Remember to take sensible precautions

Keep your antivirus and firewall software up to date

Secure registration and login process

Our registration journeys will ask for your personal account information, which only you should know.

Our login processes need the right information, in the right order and you are only allowed so many incorrect attempts before the system locks down for security.

When you log in to our Digital Banking service on a lot of browsers, you’ll notice that the address bar (which starts ‘https://’) turns green. This shows that the website has an extra level of security.

Our mobile apps also have biometric security enabled, so logging in can be even more secure through Apple’s Touch ID or Android Fingerprint.

A layered security system

When you first enrol for Digital Banking you will be given level 1 access, meaning that you are limited to making balance and transaction enquiries or moving money between your own accounts. To access level 2 services, like 3rd party payments you will need a card reader and a debit card.

The card reader is a security device that works with your Digital Banking service to provide an extra layer of protection against online fraud. The card reader also allows you to set up new payments, change your details and more.

In the app, a One Time Passcode will be sent to the mobile number we hold for you on the banks records before you can use services like Pay Someone New.

Royal Bank of Scotland Secure provides you with additional security when shopping online at participating merchants. On selected transactions we may send you a passcode for verification. Simply ensure that all your contact details including your mobile number are up to date with us so when using your card and verification is requested against a transaction, we can send you a One Time Passcode to your chosen contact method.

Robust controls

All payments are analysed for irregularities by our profiling engine.

If we hold your mobile number, we will send you an SMS or a push notification to confirm some activities on your account and check that it was you that made the transaction or changed some of your information, so it is important that we hold up to date contact numbers for you. If we suspect or become aware that your account may be subject to fraud, we will attempt to contact you.

Sometimes a fraudster may steal some of your security details and try to access your account through online or mobile banking. We temporarily disable online accounts if too many unsuccessful attempts have been made to log in.

Independent and industry testing

Regular tests of our mobile and online banking systems are undertaken by independent industry experts to ensure our services meet the highest standards of security. All of our websites are monitored and protected from sophisticated attacks such as DDoS (Distributed Denial of Service).

Natural Language Call Steering (NLCS)

What is Natural Language Call Steering (NLCS) and Why Are We Introducing It?

NLCS is a function we are introducing to our Royal Bank Telephony services. You will be asked to state how we can help you rather than use the push button functionality of the old IVR system. Based on what you say, NLCS will route the call appropriately once you've been ID’d – this will either be into the self-service options, or to the right colleague.

Something else we can help you with?

Type your question here