Internet and Phone Banking Security

• Our commitment to security
  • Our guarantee
  • We will
  • We will never
• Security measures we take
  • Encryption
  • Digital certificates
  • Scramble pad
  • Transfer Money
  • VerifID
  • Automatic session timeout
  • Audits
• Tips for safe Internet banking
  • Passwords and PINS
  • Other safe computing practices
• Free security checks
• Hoax emails and phishing sites
• Hoax SMS or recorded messages
• Email employment scams
• Industry links
• When should you contact us?

Our commitment to security

Newcastle Permanent maintains an ongoing commitment to the integrity, availability and confidentiality of your financial resources.

Our Internet and telephone banking facilities give you the flexibility to undertake your banking at a time that best suits you.

To bring these facilities to you we use secure and trusted information technology and techniques that allow us to assure you that your finances are in the best possible care.

Our guarantee

Newcastle Permanent guarantees the integrity of your Internet banking and that you will not be liable for unauthorised transactions recorded against your account provided:

• You have observed the account Terms and Conditions;
• You have not by your actions or inactions contributed to the loss; and
• You conduct your Internet banking sessions from a PC with up-to-date security software installed and activated. Read more about safe computer practices.

We will

• Maintain the confidentiality and integrity of the information we hold for you.
• Continue to review, develop and protect all our resources with the best security and controls.

We will never

• Send you unsolicited emails regarding your financial affairs.
• Pass on your personal details including email address to anyone without your express consent.
• Ask you to divulge your password or access codes.

Internet banking - security measures we take

Our Internet banking system is secured by industry standard methods that ensure privacy of transactions during transmission.

Encryption

All communication between your browser and our secure Internet banking sites is encrypted using 128bit SSL encryption technology to ensure confidentiality of transactions performed on our site.

Digital certificates

We use Digital Certificates to ensure it is really us you are connected to. You can ensure that you are using our verified site by double clicking the padlock symbol (located at the bottom right hand corner of the window for most web browsers).

Scramble pad

To help protect information entered at your PC we have included the 'scramble pad' feature in our Internet banking logon page. Help with using the scramble pad is available from the Help button on the Internet banking logon page.

By using the scramble pad, you make it more difficult for key-logging viruses, which may have been inadvertently downloaded onto your PC, from compromising your access codes. Use of the scramble pad heightens the protection of your information and reduces the possibility of unauthorised transactions occurring on your accounts.

We are committed to ensuring the security of our online facilities. If you have any concerns regarding security, please contact our Member Support Centre on 13 19 87.

Transfer Money

We have reduced the maximum daily limit that applies to Transfers and Batch payments on Internet banking for both personal and business members respectively. This daily limit applies to the total value of Transfers from all accounts registered for Internet banking under the member number.

The reduced limit is a measure we have taken to reduce the risk of any potential losses should your Internet banking logon be compromised.

VerifID

Secure Internet banking is one of our ongoing priorities. That's why we've introduced VerifID, to make our Internet banking safer than ever.

How does it work?
The way it works is easy.  At the time of making a Transfer you will receive an automated call to your nominated home, work or mobile phone and be provided with a "once only" VerifID code to complete your transaction. Read more about VerifID.

Automatic session timeout

Our secure Internet banking sites automatically log you out to reduce the risk of someone else accessing your account if you leave your computer unattended. We do however recommend that you use the logout function of the site as soon as you finish your Internet banking session.

Audits

Newcastle Permanent periodically commissions reputable external auditors to review security measures employed on the site.

Tips for safe Internet banking

To ensure your logon details are securely protected you should:

• Only access the Newcastle Permanent Internet banking site by typing the website address (URL) www.newcastlepermanent.com.au into the address bar on your browser.
• When logging on always enter your access code using the scramble pad on the logon screen.
• Always check that the locked padlock icon is displayed in the bottom right-hand corner of your browser window and a valid digital certificate is issued to the site. The URL in the address bar must start with https:// (please note the "s" after http). The locked padlock icon is displayed in your browser window.
• Care should always be taken when using a computer for financial transactions in public places such as Internet cafes, educational institutions, libraries, airports, hotels, etc. Do not respond if you are prompted to save logon details.
• Never click on a link or respond to an email that asks you to divulge your personal or account information. Newcastle Permanent will never send you unsolicited emails regarding your financial affairs.
• Never leave your computer unattended when connected to our secure Internet banking site. Make sure you logout of the site specifically when you finish your Internet banking session.
• Click the logoff icon and close your browser when you exit the site.

Tips for safe Phone banking

• Never disclose your Phone banking access code or password to anyone.
• Make sure you’re not being watched when using Phone banking. 
• Ensure the call is disconnected when you have finished a Phone banking session.
• Use a password protected phone for Phone banking. 

Passwords and Access codes

Your password or access code is the key that allows you to access information that only you should be able to access.

• Do not use passwords or access codes that can easily be identified as belonging to you, such as your phone number or birthday.
• Do not write your access codes or passwords down or store them in your computer or wallet.
• Do not tell anyone else your password or access code even if they claim to be from Newcastle Permanent.
• Do not use the same password on all your online access accounts with Newcastle Permanent and other banking institutions.
• Change your access code or password frequently and make it different from the last one you used.
• If you think someone else has access to your access code or password you should immediately change it. If there are suspicious transactions that indicate someone else has been using your account, please contact our Member Support Centre on 13 19 87 immediately.

Other safe computing practices

The Internet is a great way to communicate, share information and do business but it is not tightly controlled. This means there are a number of threats that can potentially cause problems for you when using the Internet. We recommend the following measures to increase your Internet security.

• Operating system, browser and software updates. Keep up to date with software fixes (also known as 'patches' or 'security updates'). Using a current web browser will maximise your security.
• Anti-virus protection. Ensure that your computer has an up-to-date anti-virus protection program to detect and remove viruses. Also consider SPAM email filtering.
• Anti-spyware protection. Use a current anti-spyware protection program to detect and remove spyware from your computer.
• Firewall. Use a firewall to prevent unauthorised users from gaining access to your computer or network.
• Use extreme caution when accessing our secure sites from a public or shared computer such as those at Internet cafes, libraries, airports, hotels, etc. If you need to access a shared computer we recommend that you follow these steps to protect your privacy:
  • Ensure no one standing behind you is looking over your shoulder while accessing our site.
  • Logout of the site as soon as you finish your Internet banking session.
  • Close the browser by clicking on the 'X' icon, usually located at the top right-hand corner of the screen.
  • Verify that the last logon time corresponds with your last Internet banking session when you next logon to the site.
  • Change your password or access code as soon as possible when you next logon at a trusted secure computer.

Please note we have included the above information to help you get started. Always use your own computer support provider to help you configure your computer in the most secure way.

Free security checks

There are many different types of security software available that perform different functions. To help you, we have provided links to some software providers*.

Symantec Security Check:
symantec.com

McAfee Freescan:
us.mcafee.com

Hoax emails and phishing sites

Fraudsters have been known to set up copies of banking sites with the purpose of capturing personal online banking logon details. They usually then send out an email that instructs the recipient to follow a link to update their account details or logon to a website in order to verify details.

Unfortunately, when people enter their details into these sites the information is recorded and the fraudsters use it to transfer funds out of the real online banking facilities.

These websites and emails will often look legitimate so being able to identify a fake email from a real one can be difficult. Here are some things to consider:

• Members should only access Newcastle Permanent's Internet banking site by typing the website address www.newcastlepermanent.com.au into the address bar on their browser.
• Phishing scams try to trick people into disclosing account and personal information by sending an email with information that sounds important.
• Members are advised not to click on any links or reply to emails that request your personal information.
• Newcastle Permanent will never solicit security information via email or ask members to follow Internet links that require you to divulge personal or account details.
• We will never send you emails asking for your PIN access code, Internet or Phone banking security details.

Please disregard any email that advises you to access our site for the purpose of providing any of your personal details. Instead, delete the email immediately.

If you have concerns because you received a suspicious email that claims to be from Newcastle Permanent, please contact our Member Support Centre on 13 19 87 to verify the details.

Further information is available on Australian Government websites*

Hoax SMS or recorded messages

There are a number of SMS and voicemail messages currently being sent which are requesting you to call a number and then input your details via an automated service. If you receive any SMS message which you have not requested or are expecting, or a recorded message requesting a call back and you are suspicious, please contact us on 13 19 87 to confirm authenticity of the message.

Email employment scam

Victims of these scams are asked to provide their bank account details to prospective employers with the view to facilitate transfer of funds to overseas parties. In return the victims are compensated by a commission payment. However, the funds transferred have been obtained fraudulently. Do not provide bank account details to any prospective employer until you are satisfied that the employer is genuine and/or you have signed a contract of employment.

When should you contact us?

Please phone 13 19 87 and ask for our Corporate Security Department immediately if you suspect your personal details may have become known to others or if you believe an unauthorised transaction has been performed on your account.