Online banking security

When you apply to use our services online, we will set up security credentials for you. Your credentials give you access to Barclays online services, and you should take adequate steps to make sure that this online information remains secret. To safeguard these details, you should:

  • Memorise your passcode and memorable word, and remember to destroy your passcode letter once you have memorised your passcode
  • Make sure that you do not tell anyone your passcode or memorable word, and ensure that they are kept secret by taking appropriate steps to prevent disclosure to a third party
  • Never keep details of your passcode or memorable word with your membership number in the same place
  • Avoid using the same passcode or memorable word on other websites
  • Double-check the details. Always make sure you check the payment details are correct.

Please contact us immediately if your credentials have been lost or stolen.

Tabbed browsing

You should not use tabbed browsing e.g. multiple windows with Internet Explorer when carrying out transactions on online banking.

Keep your PIN and smart card safe

If you’re a corporate client with access to Barclays.net and/or wealth online banking, it is vital to note that the smart card and PIN (Personal Identification Number) are specific to you and must not be disclosed or used by anybody else. Any unauthorised access must be avoided by strictly securing the use of your smart card. This means storing the card so only the relevant user can access it. In addition:

  • You should not leave your computer or laptop unattended whilst logged into digital channels
  • Don’t write down your PIN in any recognisable form
  • Change your PIN as soon as possible and keep any PIN details secret
  • Don’t allow a web browser to store your PIN
  • Only insert the smart card into the reader when it’s required to 'authenticate' your activity such as a transaction/payment or logging in. Once the activity has been 'authenticated' take the smart card out of the reader. This is critical as leaving the smart card plugged into a computer could seriously expose you to risk if a fraudster were able to take remote control of the computer; from a risk perspective, not removing the smart card is equivalent to leaving the engine running in an unattended, unlocked car.

Any loss or compromise of the smart card, or disclosure of the PIN (accidental or otherwise) must be reported immediately to your company’s systems administrator and the helpdesk. A replacement smart card and PIN will be ordered for you.

Logging out

Never leave your computer unattended while connected to any site you’re using, especially when banking online.

If you have logged in to the secure area of the site and then choose to finish your session, you should always log out to prevent unauthorised access to your account.

Public computers

Be extra vigilant if using public computers, including internet cafés, or wireless hotspots, where there is an increased risk of your online details being compromised. It’s recommended that you use computers which you directly control, or at least consider to be secure, to access Barclays online.

Don’t select options to remember your details on a computer other people may use.

Be aware of your surroundings

Make sure that no one is watching you and that you’re not being filmed by closed circuit television (CCTV) as this can capture personal details.

Check for monitoring equipment

If you’re using a computer in a public place, make sure the equipment you’re using doesn’t allow electronic eavesdropping or recording of your activities. This will prevent any username or password details from being seen or recorded by the keystrokes. These are hard to spot, so at work check with your company’s systems administrator or, if you’re in an Internet cafe or library, ask a member of staff.

Check the web site certificate

If you’re using a web site that is supposed to be secure, i.e. begins https:// check its online certificate via the yellow padlock symbol. The yellow padlock symbol is the security feature of our supported browsers (i.e. Internet Explorer or Firefox).

To check an online certificate left click on the yellow padlock symbol and check that the name on the certificate matches the site you are in and that it has a valid date. Please note that whilst a padlock sign denotes a secure encrypted connection a fraudster could still own the site.

With Firefox the yellow padlock symbol is displayed at the bottom of your browser screen, while with Internet Explorer version 7 and above it will be displayed at the top in the address bar.

Completely close the browser, clearing private data, when you've used a computer that other people may use.

Beware of free Wi-Fi

Don’t send or receive private information when your device is connected to public Wi-Fi unless you’re using a secure web page. To stay even safer use well-known hotspot providers.

Remember, we’ll never ask you for your PIN, password, PINsentry codes or mobile PINsentry codes.