Top of main content
Man holding phone up close; image used for HSBC Sri Lanka Safe and Secure Online Banking page

Safe and Secure Online Banking

Cyber security: how to bank safely

Shopping and banking online or in mobile apps can be fast and convenient. But, as with more traditional methods, it’s important to protect yourself against risks. Here are some tips on how to ensure safety to match the simplicity.

Use legitimate apps on your mobile

Cyber Security research companies have uncovered new malware which could masquerade itself as legitimate applications (e.g., Adobe Flash, Microsoft Word) on rogue application stores and other illegitimate websites, which, when installed, requests extensive permissions on the device. These malware are capable of extracting sensitive data from financial applications, read user SMS messages, and hijack SMS-based two-factor authentication codes. Further, they are capable of capturing user Key Strokes which could lead to capturing mobile app Username and Password. In order to protect yourself;

  • Use only verified legitimate sources (such as Google Play) to download applications to your mobile
  • Enable “Google Play Protect” on your device

Go through comments / ratings on the application to ascertain the credibility of an app

Security first

Firstly, make sure your smartphone, tablet or computer is secure by keeping your operating systems up to date.

You can set laptops and desktops to automatically install software updates as soon as they become available. The same goes for app updates on your devices. Choose to install them whenever you’re connected to Wi-Fi and a new update is available, or at night when your device is plugged in.

This way you quickly inherit any security enhancements, which are designed to make it increasingly difficult for hackers to gain access.

You should also install antivirus software from a well-known and trusted company to ensure your device is protected from any malicious activity.

Passwords are your friend

While online passwords might feel like a hassle, they do an important job in protecting your personal information.

When it comes to passwords, longer equals stronger. A variety of characters – upper case, lower case, numbers and symbols – also make them harder to crack. Another way to strengthen a password is to string together unrelated words.

Explore more: How to create a strong password

If you do, or are thinking about, banking online or via a mobile app, there are further security measures you can put in place. For example, using Touch ID or Face ID adds biometric security to your banking app, while Voice ID adds a strong layer of protection when doing telephone banking.

Setting up a digital account can actually be a good form of defense against cyber criminals. The layers of security typically make it harder for them to access your account than it would be for them to fraudulently set one up in your name.

More tips to stay safe online

Once you’ve put those security measures in place, you need to be mindful of common scams. Here are some tips on what to look out for.

  • Requests to move money - Genuine banks won’t ask you to move money to another account, or for your PIN, password or other personal details out of the blue.
  • Unknown senders - Never click on links or attachments from unknown sources.
  • Secure connections - Look for a padlock in the address bar to confirm your web connection is secure. However, the padlock doesn’t guarantee an authentic site.

For example, if you’re on and see a padlock, you know you’re securely interacting with HSBC. But if you’re on you could still see a padlock – indicating a secure connection – only you wouldn’t be interacting with HSBC. You may instead be on a site that’s been set up to trick you into thinking that’s what you’re doing.

So always make sure a website is genuine by checking the address for subtle misspellings, additional words, characters or other irregularities. Sites like Trustpilot can help you work out if a site is legitimate.

  • Shopping and bank transfers - When shopping, check again for the padlock in the address bar before entering your personal or payment details.
  • Never pay for something by bank transfer if you don’t know the seller. Always use a credit card, debit card or PayPal – or a payment option that offers some protection against fraud.

If you suspect fraudulent activity on your account / Credit Card, contact us immediately on +94 11 4 4722 00 or the hotline at the back of your Credit Card 

Man wearing mask holding phone; image used for HSBC Sri Lanka Coronavirus Scams page

Protect yourself from coronavirus themed scams.

man and child on phone; image used for the HSBC Sri Lanka Banking at Home Page

6 things you don’t need to go to your branch for.

Happy woman using tablet on a couch; image used for HSBC Sri Lanka Ways to Bank

See all the ways that you can bank with us.

Listening to what you have to say about services matters to us. It's easy to share your ideas, stay informed and join the conversation.