Skip to Content

Online Banking, protecting your security

We’re 100% committed to protecting your security and privacy online

01

Safety tips

Simple steps to protect yourself online.

Visit the NAB Cyber Safety Hub for more tips to help you stay safe online.

  • Don’t share your passwords, PINs, passcodes or Pattern Lock codes with anyone including UBank staff, and don’t write them down.

  • We’ll SMS you one-time passcodes for online banking transactions and password resets, so it’s important to keep your phone secure. These messages will state that they are a secret code which should not be shared with anyone, even UBank. If you call UBank, we may send you an identification verification SMS; the message will state that this is the only code we will ask you to provide to us.

  • Use a unique password for each of your online accounts. Make passwords hard to guess. Your password should:

    • be at least 7 characters long
    • begin with a letter
    • include at least 1 number
    • not include your first name, last name, birth date or email address

  • Ensure the software on your devices is kept up-to-date, including the operating system and anti-virus software. Visit NAB’s website to learn more about our free anti-virus offers for customers.

  • Turn on automatic software updates to ensure your devices always have the latest software installed.

  • Remember to log off when you’ve finished using online banking.

  • Avoid using computers in public places such as internet cafes, hotels and airport lounges to conduct online banking.

  • Always access UBank’s website by typing ubank.com.au in to your Internet Browser. Make sure the website address starts with “https” and a padlock is displayed.

  • When downloading Apps, ensure they are from official App stores (Apple App store or Google Play store). Never download an App from a link/attachment in an email or SMS.

  • Only perform banking on trusted devices and on trusted Wifi/networks. Never accept a request to download a program or certificate to your device in order to use a public Wifi network.

  • If you discover a transaction you don’t recognise, please contact us immediately.

If you have a UBank Debit Card:

  • Notify us immediately if you become aware that your card has been lost, stolen or used by someone else.

  • Sign the back of a new card when you receive it.

  • Don’t let anyone else use your card – including family members or friends.

  • Regularly check that the card is still in your possession.

  • Destroy your card when it expires by cutting it diagonally in half (including any embedded microchip on the card; magnetic strip and security code).

  • Protect your PIN when entering it on ATMs and EFTPOS terminals.

  • Try to memorise your PIN so you don’t have to write it down.

  • Don’t choose a PIN that is easily identified with you. For example, your birth date, car registration, telephone number or your name in part or full. (If the guidelines for choosing a PIN are not followed, you may be liable for any unauthorised transactions.)

Ensure you keep up-to-date with the latest security alerts and information in order to protect yourself online.

Remember: If you think your online banking information has been compromised or there has been unauthorised access to your account, please contact us on 13 30 80 immediately.

02

What we do to protect you

Security measures to keep your investments secure.

SMS security

We’ll send you one-time passwords via SMS for transactions you make using online banking as an extra security measure.

Transaction monitoring

Every transaction made through UBank is monitored for anything suspicious or unusual.

Transport Layer Security Encryption

UBank’s website uses TLS (Transport Layer Security) encryption technology to protect your information. To ensure compatibility with our site, please keep your browser up-to-date.

Banking sessions timeout

We’ll automatically log you out if you’ve been inactive for a while.

Maximum transfer limits

We limit the maximum you can transfer via online banking each business day. If you need to transfer more, call us on 13 30 80 for assistance.

Lockout

After a number of failed logins, access to online banking is automatically blocked.

03

The UBank Defence

Working 24/7 to keep your money safe.

Should the worst occur, you’re still protected.

The UBank Defence is our promise to you that we’ll reimburse 100% of your money should it be fraudulently taken from your account, provided:

  • It’s clear you didn’t contribute to the loss

  • You promptly let us know when you become aware of any unauthorised transactions
Contact us immediately on 13 30 80 if:

  • Your password/PIN has been shared or compromised.

  • Your card or mobile phone has been misused, lost or stolen.

  • The device you use for online banking has been lost, stolen or infected with malicious software.

  • There’s unauthorised transactions on your accounts or you believe your UBank account has been accessed by an unauthorised person.

04

Security alerts

Be on the look-out for suspicious messages.

December 2018: Security changes

At UBank, we’re 100% committed to protecting the security and privacy of our customers online.

On Friday December 21, 2018, we made some changes to security. Customers will now receive an SMS authentication code when transferring between their own UBank accounts.

More information on these changes can be found here.

November 2018: Mobile phone porting

UBank is aware of mobile phone porting attempts targeting Australians.
 

What is mobile phone porting?

Mobile phone porting describes when your mobile phone number is ported (transferred) to a new telecommunications provider without your permission. This may enable criminals to receive SMS authentication codes sent by your bank, in order to authorise online banking transfers without your knowledge.
 

How does it occur?

In some cases, all that is required to port a phone number is an account or phone number, and date of birth. These details are often included on phishing sites that appear to represent legitimate companies requesting personal and financial information. Another common way of accessing this information is by stealing mail out of letter boxes or rubbish bins.
 

What to look for

If your mobile phone service is suddenly disconnected, it may show ‘SOS only’ where the carrier name usually appears on the screen. This could be a warning sign that your mobile phone has been transferred to another provider without your authorisation.

If your service does not return in a short period, contact your mobile provider immediately to confirm why your mobile service is not working.

If your mobile has been transferred to another provider without your permission, please contact us on 13 30 80.


How to protect yourself

  • Be on the lookout for suspicious emails, text messages and calls requesting personal and banking information. UBank will never ask you to confirm, update or disclose personal or banking information via a link in an email or text message.
  • Report suspicious messages to hoax@nab.com.au and then delete them, without clicking on the links or attachments.
  • Access UBank’s website by typing ubank.com.au into your browser, rather than clicking on links or attachments.
  • Turn on two-factor authentication for your UBank accounts, and ask your mobile provider if you can do the same for your mobile phone account. This means another piece of information (such as a password, or code sent to you via SMS) is required before certain actions can be taken.
  • Ensure you have a locked padlock on your letterbox, and shred any documents such as bank statements before disposing of them.

  

What are phishing/hoax emails?

Fraudulent emails, text messages and phone calls that appear to be from UBank, NAB or other legitimate businesses may attempt to trick you into providing personal information such as your online banking password, email address or credit card details. This is known as ‘phishing’.

UBank and NAB will never contact you asking for this type of information and we will never send you a link to online banking asking you to log in.

If you’re unsure about the legitimacy of a call purporting to be from UBank, hang up, and call us back on our official phone number (listed on our website and on the back of your cards) to verify the call was legitimate.

Two examples of phishing messages are below.

If you have received a suspicious message that appears to come from UBank or NAB, do not click on any links or attachments. Please forward it to hoax@nab.com.au and then delete it.

You can report suspicious SMS messages by taking a screenshot on your phone and forwarding it via email to hoax@nab.com.au.

If you have received a message of this type and clicked on the links or attachments, or provided any information, please contact UBank immediately on 13 30 80.

Visit the NAB Cyber Safety Hub for more tips to help you stay safe online.