Our security measures

How we protect you

We protect you and your computer in many ways

We take security seriously, here are some of the things that we do to help keep you safe and secure when banking with oursleves

Malwarebytes Premium

We’re committed to helping you stay safe and secure online and are continuously investing in new fraud prevention tools and the latest security technology to keep you protected online.

That’s why we’re offering Malwarebytes Premium to our customers free of charge until at least May 2024.

Protect your online and mobile devices for free with the latest software.

Confirmation of Payee (CoP)

Whether you’re paying a company, a friend or your dog walker, you want to be confident the payment you’re making is sent to the right person.

That’s why we’re introducing Confirmation of Payee (CoP); a name checking service that checks the name of the account holder you intend to pay - along with the sort code, account number and account type (Personal or Business) - against the details held for that account, giving you greater confidence you’re paying the right person. While many UK banks will be introducing CoP, they may launch this service at different times. So it’s also really important anyone who needs to pay money into your account knows your first and last name as it appears on your bank account.

Why are we doing this?

Our priority is to keep your money safe and secure. We’re introducing this name checking service to help protect you from so called “authorised push payment” scams. These are scams where people are tricked into sending money to criminals, who often pretend to be people they are not. It will also help avoid simple mistakes like mis-typing account details when you set up a new payment

How does this work?

When you set up a new payment using online banking or the mobile app, the account holder’s name will be checked against the account details held with their bank. We’ll then tell you if the details you’ve entered match, giving you more confidence you’re paying the right person

Secure banking promise

Whether you’re banking online or using our Mobile Banking app, rest assured you are protected by our Secure Banking Promise.

We'll refund any money paid out of your account by a fraudster, as long as you’ve kept your security information safe

We'll protect you 24/7 by monitoring your account and using the latest technology to keep you safe

We'll help you protect yourself with tips on staying secure and free tools for extra protection

Remember to take sensible precautions

Keep your antivirus and firewall software up to date

Secure registration and login process

Our registration journeys will ask for your personal account information, which only you should know.

Our login processes need the right information, in the right order and you are only allowed so many incorrect attempts before the system locks down for security.

When you log in to our Digital Banking service on a lot of browsers, you’ll notice that the address bar (which starts ‘https://’) turns green. This shows that the website has an extra level of security.

Our mobile apps also have biometric security enabled, so logging in can be even more secure through Apple’s Touch ID or Android Fingerprint. 

A layered security system

  • When you first enrol for Digital Banking you will be given level 1 access, meaning that you are limited to making balance and transaction enquiries or moving money between your own accounts. To access level 2 services, like 3rd party payments you will need a card reader and a debit card.

    The card reader is a security device that works with your Digital Banking service to provide an extra layer of protection against online fraud. The card reader also allows you to set up new payments, change your details and more.
  • In the app, a One Time Passcode will be sent to the mobile number we hold for you on the banks records before you can use services like Pay Someone New.
  • Royal Bank of Scotland Secure provides you with additional security when shopping online at participating merchants. On selected transactions we may send you a passcode for verification. Simply ensure that all your contact details including your mobile number are up to date with us so when using your card and verification is requested against a transaction, we can send you a One Time Passcode to your chosen contact method.

Robust controls

All payments are analysed for irregularities by our profiling engine. 

If we hold your mobile number, we will send you an SMS or a push notification to confirm some activities on your account and check that it was you that made the transaction or changed some of your information, so it is important that we hold up to date contact numbers for you. If we suspect or become aware that your account may be subject to fraud, we will attempt to contact you.

Sometimes a fraudster may steal some of your security details and try to access your account through online or mobile banking. We temporarily disable online accounts if too many unsuccessful attempts have been made to log in.

Independent and industry testing

Regular tests of our mobile and online banking systems are undertaken by independent industry experts to ensure our services meet the highest standards of security. All of our websites are monitored and protected from sophisticated attacks such as DDoS (Distributed Denial of Service).

Natural Language Call Steering (NLCS)

What is Natural Language Call Steering (NLCS) and Why Are We Introducing It?

NLCS is a function we are introducing to our Royal Bank Telephony services.  You will be asked to state how we can help you rather than use the push button functionality of the old IVR system. Based on what you say, NLCS will route the call appropriately once you've been ID’d – this will either be into the self-service options, or to the right colleague.

Something else we can help you with?