Skip to content
  • Laptop on wooden table

    Online and mobile security

    We take protecting your finances seriously. All day, every day.

The top 3 security tips

  • sc-ib-iconography-international-investments-effortless-transactions

    Always use a computer that you trust.

  • sc-ib-iconography-international-investments-diverse-advisory

    Always log out after finishing an online banking session.

  • Contact Standard Chartered immediately in case of suspicious activity.

A guy using a tablet

Online security

Your security is our priority. We keep you safe with:

256 bit encryption

When you perform online banking, your transactions are encrypted to protect against data from being intercepted and stolen by hackers.

Secure firewalls

Our online services are protected by firewalls to protect against potential breaches.

Prompt notification

Customers are notified promptly via SMS to their registered mobile numbers every time a transfer is performed using their online banking account.

Automatic logouts

Long periods of login inactivity may increase the risk of fraud and other issues so we will log you out of your online banking session after 15 minutes of inactivity to prevent others from gaining access to your account.

Web Access Firewall
  • Standard Chartered uses a Web Access Firewall (WAF) to filter, monitor and block unwanted HTTP traffic to and from a web application. A WAF is able to filter the content of a specific web application. It can prevent attacks stemming from web application security flaws, such as SQL Injection, Cross-Site Scripting (XSS) and security misconfigurations.
  • Standard Chartered deploys Distributed Denial of Service (DDoS) mitigation tools to protect our channels from denial of service.
A tablet and a caution sign

Monitoring & alerts

We constantly monitor all online activities. When we identify something suspicious we take preventive measures to ensure your accounts are safe:

Monitoring

Banking systems and transactions are continuously monitored by our security team to detect and respond to any threats or risks.

Email and SMS alerts

We give you the option to configure SMS and email alerts, to stay informed when important account information changes or transactions are made using your accounts, including the following:

  • Payments and transfers are made using your accounts.
  • Amendments to balance threshold/limit.
  • Changes to account data.
Secure eStatements

eStatements enable you to keep track of all your transactions easily and efficiently:

  • All eStatement data are encrypted during transportation.
  • eStatements are password protected, and are only sent to the email address last notified.
  • Electronic alerts via SMS/email are sent to remind you when your eStatement is ready for viewing (Electronic alerts via SMS service is not available for customers of Standard Chartered China).
Secure transfers and bill payments

Additional alerts and authentication enhance the security of your online and mobile banking activities:

  • Two Factor Authentication (2FA) is required if you wish to add new payees, complete a bill payment or perform a fund transfer.
  • SMS/Email alerts inform you when a new payee has been added.
  • You can set daily transfer limits for your accounts.

Someone using a phone

Protect your devices

Ensure all your software, operating systems and internet browsers are up-to-date. You should:

Enable personal firewalls

Personal firewalls will ensure the right data goes to the right places and keep unwanted connections from accessing your personal information.

Turn on password protection

Lock your machine when you’re stepping away from your computer or configure a password-protected screensaver to be activated after a few minutes of inactivity.

Install anti-virus and malware scanning
  • Anti-virus/malware protection solutions are key in securing your computer from online threats.
  • Always update your anti-virus software with the latest version.

Secure your connections

A well designed and managed network protects traffic and transactions from intrusion. You should:

Disable “File and Printer sharing”

This prevents unauthorised access to your files, printers and network.

Secure your home network

Safe banking at home starts with securing your own network:

  • Ensure you have anti-virus/a malware solution installed on your personal computer.
  • Follow the manufacturer’s recommendations to configure your home router with appropriate security settings. Your wireless network should at least be locked with a WPA level protection, and WPA-2 level whenever possible.
  • Never share your home WiFi access/password with unauthorised persons . By allowing someone access to your network, you are giving them access to a system where data comes in and out. A cyber criminal may exploit this to see what the users on the network are doing and may use your WiFi as a prime hunting ground for valuable data.
Only use trusted public networks

Never connect to networks that are neither secured nor encrypted.

Browse securely
  • Ensure that your web browser is up-to-date.
  • Do not store your username/password in the browser.
  • Only log in through our official website or applications and always remember to log off.
  • Keep your token for One Time Password (OTP) secure .
Verify website links

Cyber criminals may create fraudulent websites that mimic real websites with a similar appearance and a seemingly related URL.

  • Check the web address in your browser’s address bar. Look out for other signs of malicious sites such as outdated design, broken links, poor grammar, and other errors.
  • Always type in the URL of Standard Chartered website directly into the address bar of your browser.
A smiley Asian girl

Secure your data

We encourage you to add extra layers of security to your devices.

Protect your bank accounts

We will never:

  • Request your account information and password over the phone, via email or SMS.
  • Send messages that contain poor spelling and grammar.
  • Send messages that claim you have won a prize or direct you to click on a link.
Secure your PIN and password

Your passwords and PIN should:

  • Be kept confidential and never shared with anyone.
  • Be memorised, don’t write them down.
  • Regularly changed and updated, especially if you suspect that it has been compromised.
  • Not be based on guessable information such as your name, telephone number, birthday or other personal information.
  • Not be stored or retained in your browser.
  • Not be based on the same details that you use to access other services such as email, other Internet sites, ATM PIN, or Phone banking PIN.

For better security, we recommend that your password:

  • Contains 8-16 characters using numbers, upper- and lower-case letters and special characters. Phrases that are easy to remember but hard to guess work well, e.g. IL1k35tr0ngP@ssw0rd5.
  • Does not contain 3 or more consecutive identical characters, e.g. “aaa” or “111”, etc.
  • Does not contain 4 or more consecutive characters as part of your password, e.g. “1234” or “abcd”, etc
Other useful tips

Only log in through our official website or mobile applications and remember to log off:

  • Never log in to online banking from any email you’ve received – we will never ask you to log in via an email link.
  • Always log out from your online/mobile banking account. Closing the browser window does not guarantee secure logout and it could leave your account open to misuse.

Secure your confidential documents:

  • Lock your confidential documents in a safe place and shred any bills, receipts, statements and unwanted mail you wish to get rid of, as they contain key details that can be used to steal your account information.

Protect your identity:

  • Cyber criminals are targeting social networking sites and online forums such as Facebook™, Twitter, Instagram, LinkedIn, and Sina Weibo amongst many others in an attempt to steal personal information – so be careful with what you share online.
  • Do not publish details that can identify you. They include birthdates, phone numbers, addresses and full names.
  • Limit access to your profile. Consider restricting your profile to friends and family only.
  • Keep your password safe and don’t use the same one for all your online accounts.
  • Make sure you understand the privacy policy of each site as some may sell users’ email addresses, leaving you susceptible to phishing attempts and spam.

Check your statements regularly:

  • This will help you spot any fraudulent transactions. If you notice something unusual or suspect that you have been a victim of fraud or identity theft, please contact us immediately by calling the number on the back of your card or bank statement.

Keep your token for One Time Password (OTP) secure:

  • Do not allow anyone to use or tamper with your security token.
  • Do not reveal the OTP from your security token or SMS to anyone.

threat-fraud risk

Know the threats

The first step in avoiding threats is knowing what to look for and how to protect against them:

Malware

Malware (viruses, worms, trojan horses, spyware etc.) is designed to cause damage to your computer or network, steal personal information or even spy on your computer activities.

Tips on how to protect yourself against malware:

  • Ensure you have anti-virus/malware protection installed on your devices.
  • Do not download files (including email attachments) without verifying that they are from a legitimate source.
  • Delete junk and chain emails – do not open them. If you opened one, do not click on any links or images and do not download attachments.
  • Only install applications from verified sources/providers.
  • Never connect to unknown and unsecure Wi-Fi networks when performing online banking transactions.
Phishing

Phishing is a fraudulent attempt where cyber criminals try to trick you into giving personal information that can be used for fraudulent activities such as payment scams, identity theft and credit card fraud. Doing this over the phone is known as voice phishing or vishing.

Tips on how to protect yourself against Phishing:

  • Treat all unsolicited emails, SMS/requests online with caution.
  • Verify if the sender/caller is legitimate – if you’re unconvinced, call back using an official phone number e.g. from the back of your bank card.
  • Do not click on links or open attachments in suspicious messages.
  • Do not give in to any requests for personal information.

We will never ask for confidential information by email, phone or SMS.

SIM replacement fraud

SIM card replacement fraud is when a cyber criminal requests a replacement SIM card by pretending to be you – claiming loss or malfunction of the SIM card. The mobile service provider deactivates your existing SIM card and issues a replacement card to an address specified by the cybercriminal. The cybercriminal now receives all confidential bank notifications, including OTPs.

  • Contact your mobile operator immediately if you stop receiving calls or texts for unknown reasons.
  • If your phone is displaying a “SIM not registered” or a similar message, call or visit your mobile operator immediately.
  • Secure your mobile device using a password/passcode.

Someone using a phone on a table

Securing your mobile

We are committed to helping our customers manage their money safely on the go. Discover some of the measures you can take to safeguard your account information when using your mobile phone:

Protect your phone

Mobile payments and banking are becoming increasingly popular and it’s important to apply the same security measures to your mobile phone as you would to your computer.

Useful tips
  • Always use the Apple App Store or Android Google Play Store to download the SC Mobile banking application.
  • Do not store passwords or account numbers on your mobile phone.
  • Never use a jailbroken device for your mobile banking.
  • Ensure that your mobile device is updated with the latest version of the operating system.
  • Always log out and never leave the Standard Chartered mobile banking application running in the background.
Smart social networking

Social networking lets you stay in touch with friends and family, but you should be careful about what you share online.

Useful tips
  • Share carefully – be wary about sharing information that could be used to steal your identity. This includes your date of birth, address, or phone number.
  • Keep potential fraud and spam out of your regular email inbox by creating a separate email for social networking purposes.
  • Use a unique password for each of your social networking profiles. Ensure it doesn’t match passwords used for banking and other related activities.

We are here to protect you:

Scammers use a variety of tactics to trick potential victims into revealing sensitive information, making fraudulent payments or allowing unauthorised access to accounts.

Reporting social engineering threats

If you have received a suspicious email (phishing), call (vishing) or text message (smishing) targeting you as a customer of Standard Chartered, or identified a suspicious social media account claiming to represent Standard Chartered, report it to us immediately by emailing phishing@sc.com.

In your report, please share as many details as you can to help us with our investigations e.g., sender details, attachments, screenshots and links.

Reporting other security concerns

For anything urgent (e.g., to report a suspected fraudulent transaction), call us immediately using the number on the back of your bank card.

To report any security issues related to our online services and applications, please contact security@sc.com.