Security

OTP Bank S.A. makes every effort to maintain a secure environment for both offline and online banking. However, the main vulnerability that generates most fraud and losses in the financial sector - the human factor, goes beyond the bank's area of influence.

Do not disclose to anyone, including bank employees, your authentication data such as username and password, one-time codes and passwords, confidential card data such as: full card number, cardholder data, CVC/CVV code. OTP Bank will never ask for your confidential login and transaction authorization data within OTP Internet and Mobile Banking or other bank systems by phone, e-mail, SMS or other means of communication.


Indications that an attempt is being made to compromise your account:

  1. You have difficulty logging in and the password you think is correct no longer works
  2. You are notified in the system by Email or SMS that your password is to be changed or has been changed
  3. You receive notifications via SMS, Email or in OTP Internet and Mobile Banking about the authorisation of transactions that you have not carried out.


If you have any suspicions of attempted fraud, please contact the Call Centre Service immediately on (+373) 22 256 456.

The bank's systems have complex safeguards in place, but in order to increase the level of resistance to fraud attempts and to avoid exposing yourself to fraud risks, we urge you to follow the recommendations described below. Failure to follow these recommendations significantly increases the likelihood of potential fraud and exposes you to risks that you must take.

Security recommendations

Password security

  • Use complex passwords which contain uppercase, lowercase letters, digits and special symbols but are easily memorable;
  • Passwords should not contain information associated with you or your business;
  • Do not use OTP Internet and Mobile Banking passwords for other systems and services you use;
  • Change your password no less frequently than once every 90 days and do not disconnect the forced password change functionality from your information systems.
  • Opt for multi-factor authentication options (password + token).



Information systems security

  • Only install software from trusted sources;
  • Use antivirus systems on all devices;
  • Avoid disconnecting protection systems on digital devices;
  • Regularly update the operating systems and applications you use.



Security of communications and sensitive data

  • Check the source of the information request. Often the information you are presented with on device screens (such as the phone number from which you are being called, the email address from which the email is coming) can be falsified. If you have any doubts about the truthfulness of the information, please contact your bank's Call Centre and check its truthfulness.
  • Do not pass on passwords, one-time passwords and your card details to third parties, including bank employees.
  • Avoid accessing links and opening attachments in E-mails from unknown senders;
  • Do not reply to E-mails from unknown senders, especially if any financial or personal information is requested;
  • Verify the identity of the person with whom you are communicating by message or phone;
  • Consider the confidentiality of the information you are asked to provide by someone before sending it;
  • Don't share passwords with anyone and don't keep them on paper, on your phone or computer;



Bank card security

  • Sign the card on the back as soon as you receive it;
  • Do not keep the card and PIN in the same place;
  • Keep cards and documents with card numbers out of reach of children;
  • Don't tell anyone your authorisation codes for online transactions and don't authorise biometric transactions that you don't carry out yourself.