Reliability and security are essential to banking in general, and to online banking in particular. Safeguarding your financial information and protecting it against unauthorized access is a top priority for all of us at Bank Hapoalim. To achieve this, we maintain rigorous security protocols.
Data security on the online banking log-in page is aimed at ensuring unique customer identification and the encryption of identifying information and banking data transmitted during online activities.
Your User ID and password
When you sign up for online banking at Bank Hapoalim, you will be issued a User ID and a temporary password. The User ID is permanent, for use every time you log in. The temporary password is valid for 14 days.
The first time you sign in to the service, you will be asked to replace the temporary password with a password of your choice. You can choose to change your password again at any time.
Each time you sign in to the service, you will be asked to provide your User ID, Identification Date , and password.
Your User ID and password allow access to your accounts and are intended exclusively for your own use; do not share them with anyone.
We recommend that you change your password periodically.
We will never, under any circumstances, ask you for your password over the telephone. Even if someone requests your password, do not give it out. Report the request immediately to your account manager .
In order to maintain the confidentiality of the information in your account, access to the account will be blocked following five failed sign-in attempts. To regain access, contact ??? to reset your password.
Communication between your Internet browser and the bank’s server is encrypted and secured using advanced, stringent encryption methods based on technologies that are the highest standard for information encryption on the Internet. The secured connection prevents any information transmitted from being exposed to other Internet users.
Bank Hapoalim uses advanced security technology. The bank server does not connect directly to the Internet; it is isolated by several levels of protection, including routers, filters, and firewalls. All transmissions that begin or end with a connection between the bank’s server and the Internet are continuously monitored and observed. The bank consistently keeps up to date with new technological developments in software and hardware, in order to deliver the highest possible level of protection. We do everything possible to protect the secrecy of your information.
Secure Surfing guidelines
In order to enjoy the advantages of secure online banking and browsing, we recommend that you observe the following guidelines.
Logging in to your online banking account
To access your account, enter your log-in details on the log-in page. Never use a link received by e-mail to access your bank account.
When you log in and while you are accessing your account, make sure that the webpage address in your browser begins with https://, indicating a secure connection, not http://, and that the closed lock icon appears in the address bar of your browser.
The date of the most recent log-in to your account appears at the top of the page. This allows you to be certain that your account has not been accessed without your knowledge.
We recommend logging in periodically to keep track of your account.
Logging out of your online banking account
When you have finished using the online service, click the Exit button on the upper right-hand side of the screen. If there is no activity for more than 15 minutes, you will be signed out automatically.
- Avoid choosing a password that is easy to guess or copy, or contains personal details such as your name or date of birth.
- Do not use a sequence of letters or numbers, such as 12345678 or abcdefghi.
- Do not keep your password with your User ID or token .
- Avoid writing down your User ID or password near your computer, in files on your computer, or anywhere easily accessible to others.
- Do not enable your browser to save your password for automatic entry.
Four ways to make your computer more secure
- Keep your antivirus software up to date.
- Use firewall software to reduce the risk of unauthorized access to your computer.
- Use spyware-detection software to protect your privacy.
- Frequently update your operating system.
Phishing is an attempt by criminal hackers to obtain personal information, such as passwords, account numbers, and credit-card numbers, via e-mail messages and bogus sites that mimic legitimate websites.
How to spot a phishing scam
A scam message is likely to ask for an immediate reply or urge you to click a link, which may lead to a bogus website mimicking the appearance of a familiar legitimate website.
Suspicious signs include requests for a reply containing personal information; “urgent” messages demanding immediate action, and threatening that any delay may cause damage or result in loss of access to the site or service; and messages with spelling and syntax errors.
How to avoid phishing scams
- Do not send personal information by e-mail. This includes your ID number, bank account number, credit card number, password, etc.
- Immediately delete any e-mail message that looks suspicious, without opening it.
- Use antivirus software to scan your computer for viruses.
- Do not attempt to access your bank account through a link sent to you by e-mail.
How to react to a suspected phishing scam
Inform your account manager immediately .
If you suspect you have provided personal information (such as your ID number, bank account number, User ID, etc.) to a bogus site, log in to the bank’s website through your browser and change your User ID and password immediately.
If you suspect you have provided credit-card information to a bogus site, notify your credit-card company immediately and follow their instructions.
In general, be wary of “tempting” offers in your inbox. Even clicking on a link in an e-mail can allow criminals to gain access to your data. Try not to open unknown e-mails, and never open attachments unless you are certain you know the sender and you are confident that the message was sent to you intentionally and is virus-free.
Think twice before giving out your e-mail address. Some websites ask users to provide an e-mail address for registration and other purposes. We recommend only providing your e-mail address to trusted sites.