Security

What do I do if my mobile phone is lost, stolen, broken, or replaced?

If you lose access to your mobile device you can choose to disable Four-digit PIN on that device remotely. Logon to e-banking from another device or computer and go to ‘Settings’ > ‘Manage Devices’. Review the list of devices and press ‘Disable Four-digit PIN’ for the one you wish to disable.

If your mobile phone is subsequently recovered you will need to re-register for the Four-digit PIN function by logging on to Mobile e-banking via the Bendigo Bank app, and entering your Access ID, Password, and Authentication Key (if you have a Security Token and have it enabled for Logon).

What do I do if I forget my e-banking Access ID and Password?

The e-banking service will allow you three attempts to logon with your correct Access ID and Password. If you do not succeed within three attempts, your account access will be automatically blocked as a security measure.

If you forget your Access ID and/or Password, or enter incorrect details too many times and have your access blocked, you will need to reset your Password.

You can reset your Password by:

  1. Selecting the 'I forgot my password' option from the e-banking logon screen; or
  2. Contacting us on 1300 236 344; or
  3. Visiting your local Bendigo Bank branch.

Should I store logon details on my mobile phone?

No. We advise you do not record your logon details where others may be able to access them.

Why does my e-banking session automatically log out?

For security reasons you will automatically be logged out of your Mobile e-banking session after a period of inactivity. This reduces the risk of non-authorised people accessing your banking information.

Why can I return to a e-banking session by clicking the back arrow on my web browser?

When you have finished a e-banking session, we recommend you always Log Out using the Log Out option beneath the main Settings menu (located under the ‘More’ menu on a mobile device).

If you leave e-banking without logging off you may be able to return back into e-banking via your browser’s back function until your e-banking session has been automatically expired.

How many characters can I have in my Password?

You must have exactly eight characters in your Password. Your Password must include at least one letter and at least one number. The Password is not case sensitive.

What security measures has the bank put in place to protect my data when using e-banking?

Bendigo Bank is conscious of protecting the security of all customer information. We have taken steps to ensure the confidentiality of your accounts.

These include:

  • A security team constantly monitors the system for suspicious activity and automatic alerts are generated if any abnormal activities arise.
  • 128-bit data encryption has been put in place to provide some of the best protection available to keep your Password, account details and other sensitive information, including any messages sent via Secure Email, from being accessed by an unauthorised party.
  • A short time-out limit has been set. After this time, the system automatically logs off and ends your session. Remember, if you are not using your computer for a period of time make sure you 'log off' completely from Bendigo e-banking so that your banking information cannot be viewed by others.
  • The option of using a Security Token to add another layer of protection to your e-banking

How do I change my e-banking Password using e-banking?

Once you have logged on, go to the ‘Settings’ icon and choose ‘Change Your Password’. Simply follow the instructions presented.

Do joint account holders each have to Register individually to access e-banking?

Yes. In order to prevent unauthorised access to your accounts, Bendigo Bank requires that all customers be registered for access to e-banking individually, and be issued with a unique Access ID and Password. Under no circumstances should your Password be disclosed to, or shared with, another party.

Can I allow other people to access my accounts using e-banking?

Yes. You may nominate a third party to be an authorised signatory on a bank account.

'Authorised Signatory' access allows an authorised person to operate and transact on your linked account(s) in the same way that you can.

Please remember that every individual customer will be issued with a unique Access ID and Password. Under no circumstances should your Password be disclosed to, or shared with, another party.

If you would like another person to become an Authorised Signatory to an account please contact any Bendigo Bank branch or call us on 1300 236 344.

What can I do to ensure the protection of my banking details when using e-banking?

To ensure your e-banking is secure, follow our Golden Rules:

  • Never divulge your Password to any person under any circumstances. Bendigo Bank will never ask you for your Password, either in person or by email;
  • If using a web browser, always logon to e-banking from the Bendigo Bank website (by typing www.bendigobank.com.au or m.bendigobank.com.au);
  • Never follow a link from an email or SMS that asks you to logon to e-banking or takes you directly to a logon screen;
  • Ensure your computer is protected by up-to-date anti-virus and personal firewall software;
  • If prompted by your web browser, never allow the web browser to remember (store) your e-banking Password;
  • Use a Security Token for a second level of authentication;
  • Only conduct financial transactions online using computers you know are secure. This means that use of Internet cafes should be avoided;
  • Always check there is a padlock symbol on the logon page where you enter your Access ID and Password. Click or choose the padlock to verify you are dealing with Bendigo Bank;
  • Never leave your computer unattended while logged on to e-banking;
  • Always exit your e-banking session when finished, by clicking the 'Log Out' option;
  • Be sure to close all e-banking session browser windows when exiting e-banking. This is especially important if you have elected to Login to Classic e-banking (as you will still have your original e-banking session open in another window or tab).
  • Regularly check your account balances and transaction histories and immediately report any discrepancies to Bendigo Bank;
  • You should protect the security of your Access ID, Password and Four-digit PIN at all times. If you believe your details may have become known to another person, you should log on to e-banking immediately and change your Password.

When using Internet cafes, hotels/motels (both in-room and in any business centres /computing facilities provided by hotels for the use of their guests or others) or similar locations, you should ensure that you know if your computer and phone access details are recorded and take appropriate steps to maintain confidentiality of that information.

What should I do if I think somebody else is accessing my accounts without permission?

If you have any suspicion, you should contact us on 1300 BENDIGO (1300 236 344) immediately. We will put an immediate stop on your account and investigate the situation.

When the investigation is completed, you will be issued with a new temporary Password that you will need to change when you next use e-banking.

Does e-banking become inactive if not accessed for a long period of time?

Yes. If you do not use e-banking for more than a year, it will become inactive. Once it becomes inactive you will be presented with a screen that notifies you are locked out and to contact Bendigo Bank on  1300 236 344.

Is the app as secure as my desktop e-banking?

Yes, using e-banking via the Bendigo Bank app provides an even greater level of security than using e-banking from a web browser.

What is Screen Scraping?

Screen scraping is a process of automated data gathering   It occurs when a customer discloses their Internet Banking Access ID and Password to a third party, which enables the third party to use scraping technology to log in to their customer’s Internet Banking and copy transactional information to support their service.  Third parties that use this technology could include online lenders, financial management/investment app providers or accounting package providers.

Screen scraping may occur as a once off, or on a regular basis - depending on the requirements of the third party. The third party and the scraping technology provider may also store Customer’s Access ID, Password and/or transactional data for future use.

As this is a customer initiated activity we do not know the arrangement the customer has with the third party or how the Internet Banking Access ID and Password information is captured, shared and stored. As such we cannot provide any assurance over the security practices of the third party or of the scraping technology provider.

Please note that it is against terms and conditions of our banking products for you to provide your Internet Banking credentials (Access ID, Password and Four-digit PIN) to a third party.  We strongly recommend that you protect your Internet Banking credentials at all times.

If you believe your details may have become known to another person or third party, you should log on to e-banking immediately and change your Password.