About us - Online Security

Digipass

What RaboDirect does to protect you

Identifying you when you call us

From time to time you may need to call our Customer Experience Centre to enquire about your account. If you require confidential information we will ask you a number of questions to identify you. All incoming calls to our Customer Experience Centre are recorded.

Digipass device

At RaboDirect we don't use static passwords, make you download special software to your computer or use cards with access codes. Why not? Because they are vulnerable to key stroke logging, spyware and so-called 'phishing' attacks.

All RaboDirect customers are provided with a Digipass free of charge which must be used to log on to your account and conduct transactions. The Digipass is a small hand-held device that looks a bit like a small calculator.

Our security system is based on the principle of 'two-factor authentication' which is based on:

  1. Something you know: your unique Customer Number and personal PIN code for your Digipass and,
  2. Something you physically have: your Digipass which generates a one-time access code that is only valid for a limited period. Your Digipass is also used to authenticate transactions giving a double layer of security.

Your Digipass cannot be used without your PIN making it worthless to somebody else should it be lost or stolen.

Therefore, if someone gets hold of your Customer Number, they can't access your accounts without having your Digipass & vice versa. The Digipass gives you peace of mind knowing that your financial information is always protected.

Important - RaboDirect will NEVER send you an email requesting your personal access details. If you ever receive such an email please notify us immediately.

Sounds great but how does it work in plain English?

When you become a customer we issue you with your own Customer Number. We will also provide you with a 5 digit Personal Identification Number (PIN) code for your Digipass. Your Digipass will be sent separately to you with simple instructions on how to use it.

When you get your Digipass you have to change the PIN code we have given you to a PIN code of your choice. Please don't use a code that could easily be guessed like your date of birth for example. Once you've changed your PIN code you're ready to bank online!

Please don't write the PIN code on the back of your Digipass or leave it lying around. Always treat your Customer Number and Digipass PIN code confidentially and do not disclose them. If you are concerned that they have fallen into the wrong hands you must contact us immediately.

You use the Digipass to log on to your RaboDirect online bank account. You enter your unique Customer Number in the first box on the screen and then enter the 6 digit code number that your Digipass generates in the second box. Takes about 10 seconds and that's it.

You also need to use your Digipass to confirm any transactions that you make, eg. transferring money out, buying and selling managed funds, opening a term deposit. Here you will need to enter the 6 digit challenge code displayed on screen into your Digipass. Your Digipass will give you an 8 digit code which you enter into the box on screen. Pretty simple really and very secure.

If you enter an incorrect PIN code 5 times in a row your Digipass will be blocked and you will need to request an unblock code from us.

Want to know more? Read our Frequently Asked Questions about the Digipass

Encryption

When you log on to your RaboDirect account a secure connection is established between your browser and the Rabobank systems using SSL technology (Secure Sockets Layer). This is an accepted technology on the internet used by a majority of financial institutions.

SSL creates an encoded connection for which the key is only known by the Rabobank systems and your computer. Think of it as sending your message in sealed envelope. When receiving the message the Rabobank systems (or your computer) checks if the seal was broken along the way. The data which is transmitted between your computer and the Rabobank systems is encrypted using 128-bit encryption.

Online banking session time-out

If you leave your online banking session for a specified period of time your session will time out. This means you will be automatically logged off from your online banking session and you will need to log on again to access your account.

We do this to reduce the risk of someone accessing your online banking account if you leave your computer unattended. This is not something you should do. We also recommend you avoid using computers in internet cafes if you want to access your online bank account as you don't know if these computers are infected with viruses or the local network can be taped by criminals.

Look out for the padlock icon

When you access your RaboDirect online bank account you will be in a secure session. How do you recognise this? A web address beginning with "https://..." indicates the page you are viewing uses encryption. The "s" stands for "secured."

When you click on "Login to your account" on the RaboDirect site, the URL in the pop-up window should start with: https://secure.rabodirect.com.au.

The internet browser that you use, eg. Internet Explorer, Firefox, Safari, Opera etc, will display a padlock icon on the screen to indicate that you are in secure session. The position of the padlock on your screen will vary depending on your browser. This padlock identifies that a Secure Sockets Layer (SSL) is in place, designed to provide secure communications over the Internet.

To verify the authenticity of the SSL, double click the padlock icon to view the certificate information. This should state that the certificate has been issued to secure.rabodirect.com.au.

Global security monitoring

Our local and global security teams work in collaboration with our technology partners to monitor threat levels and investigate new technologies to keep your bank details safe and secure. When we become aware of threats we will alert you.

Transfer limits

The daily money transfer limit in your RaboDirect account is automatically set to $5 million. In the User Options menu in the secure banking website you can reduce this limit to a lower limit of your choice.

Audits and testing

Rabobank engages independent security companies to audit and test our security systems on a regular basis to make sure our systems are robust. This is important as technology changes and new threats emerge. As a result we are constantly improving our technology. Most of the time you won't even be aware of this but it's reassuring to know that we are always working away in the background.

Related links

Safety Guarantee

All deposits with RaboDirect under $1 million are guaranteed by the Australian Government and our parent Rabobank. So you know your money is in safe hands with us.

The Australian Government Deposit Guarantee has been extended to 1 February 2012