Security stuff

Keeping your money and your personal information safe and secure is hugely important – to you and to us. Not only does your banking need to be simple and convenient, but you also have to be able to sleep well at night, knowing you’re protected.

Is online banking safe?
Security features
Browser and Computer Security
Everyday Online Security
10 Tips to Protect Your Identity
Online Banking Checklist


 

How you know online banking with us is safe

Yes. You can bank online with Tangerine knowing that we use state of the art security technology. All information you share with us is kept in the strictest confidence, and we comply fully with privacy standards followed by all major Canadian financial institutions.

Back to Top

 

 

Security features

Online PIN Reset

If you've forgotten your PIN, you can reset it online. You will be asked several questions to identify whether you are really you (and not someone posing as you), and once you’ve answered correctly, you’ll be able to reset your PIN.

DoubleSafe®: Your picture, your phrase

DoubleSafe is just that - it keeps your identity safe in two ways when you log in. How? When you begin setting up your online banking, you'll be asked to choose 'Your Picture' from a selection of images. Next, you'll select 'Your Phrase' - a personalized phrase to accompany 'Your Picture'. Once DoubleSafe is set up, make sure you see your picture and your phrase every time you’re about to log in. This will help you to avoid logging into a fake Tangerine site (also known as phishing). With DoubleSafe in place, when you set up your online banking, you’ll be asked to set up answers to secret questions, which will be our way of knowing that it's really you if you ever have trouble logging in.

Back to Top

 

 

Browser and Computer Security

Free software: an offer that's often too good to be true

Beware of offers on the Internet that promise to improve your PC's Internet speed, or that ask you to download software for viewing photos or movies. This may enable thieves to monitor your activities and capture personal and/or sensitive information. In some cases, downloading the software can enable them to intercept all data you enter between your computer and any website, even if that site is protected. If you need certain software, only download it from reputable sites.

128 Bits of Safety

Most browsers now come with 128-bit encryption, which provides strong protection when transmitting confidential data over the Internet. We recommend that you upgrade your browser so that your information is scrambled while being transmitted and can’t be read by anybody who intercepts it.

How do I know if my banking session is encrypted (i.e. safe)?

You know that your data is encrypted on a web page by looking for the padlock icons in the lower area of your browser window or beside the web address.

C is for Cookie

A "cookie" is a small piece of data placed on your computer by a web server when visiting certain websites. This data usually contains encoded information to measure visits. One type of cookie that Tangerine uses is a session cookie. These cookies are stored in temporary memory and will disappear after you leave the Tangerine website. They make it possible for you to move back and forth within a secure banking session.

Another type of cookie we use is a persistent cookie. This cookie is used as part of our user authentication procedure to help make sure no unauthorized individuals have access to your Accounts. This type of cookie is also used for site personalization, internal reporting, statistics, marketing (by allowing us to offer Tangerine products that may be of interest to you), and to measure user visits. This information is not shared with outside organizations and does not contain any sensitive details.

Hackers keep out!

Install security updates when they become available. Make sure to have a home firewall to help protect you from many Internet threats. Install anti-virus/anti-spyware software and keep it updated.

Back to Top

 

 

Everyday Online Security

Personal security: your PIN gets you IN and makes sure you bank safely

Keep your passwords and PINs for all of the sites you visit safe at all times. Never share, write down or disclose your Internet banking passwords to another person, or store them in a file on your computer.

When selecting a PIN, avoid choosing numbers that fall in a sequence or pattern. Also, avoid the obvious choices like your birth date. And when selecting a secret question, make sure it's something meaningful, so you'll remember it, and personal, so nobody else can figure it out. Because the more personally meaningful your passwords/PINs, the more obscure it will be to someone else.

You can be immunized from email fraud

How? By being careful and suspicious of unexpected emails. If you don't recognize the sender, think twice before opening or responding to unsolicited email. And don’t download attachments or click on links in an email unless you’re sure they're coming from a reputable source.

Phishing: How to Protect Yourself

Phishing is what it’s called when a person (or a group of people) pretends to be someone they’re not, so they can trick you into revealing your personal information. They attempt to get user names, passwords or PINs. Phishing emails are the most common way this is done, but it can also happen through a phone call or text message that asks you to confirm personal information. Some of these scams can be disturbingly convincing, but a few good practices will help keep you protected.

Be suspicious of any communication that asks you to provide confidential information.

For example, Tangerine will never send you an email asking for your Client Number, Account Number or PIN. If you ever receive an email that asks for any of these things, it’s smart to be suspicious of it, and we ask that you forward the suspicious email to us at phishing@tangerine.ca or call us at 1-888-SAFE-304 (1-888-723-3304).

Be alert to emails that look “phishy”.

Some phishing emails just don’t look or sound quite right. You might be tipped off by spelling mistakes or typos, or the whole appearance and tone of the email might seem wrong. Don’t reply to the email or use any contact information it provides. If the email is claiming to be from Tangerine, contact us using the above email address and phone number.

Maximize your email security settings.

Have a look at your email settings and make sure that you’re using all of the filtering tools you have available. By scanning incoming mail for recognizable threats, your email program can help you stay protected.

Vishing can be vicious

Vishing (Voice Phishing) is similar to Phishing but done over the phone. It can be used to get access to your personal financial information. Unfortunately it's very hard to trace, so in order to stay safe, it's best to protect yourself by staying on guard when you receive a phone call that asks you to provide any financial information like a PIN or a credit card number.

What should I do if I suspect there's a fraudster on the line?

If you ever receive a suspicious call, simply don't provide any personal or sensitive information and get in touch with that specific financial institution to follow up on the inquiry. You can call our online security line at 1-888-SAFE-304 (1-888-723-3304) for peace of mind.

Spoofing is not funny.

Spoofing is when someone is able to masquerade as someone else online by using a program that can change data. It's done by way of relatively inexpensive automated systems that make it seem (to a computer) that the Spoofer is someone who they actually aren't.

It's okay to blow the whistle

If you or anyone you know has been a victim of Phishing, Vishing, or any other financial fraud, please report all incidents to the involved financial institution to prevent future issues from occurring. Online security is everyone's responsibility to share in so we can all stay safe.

Identity Theft – don't let it be yours

Identity and information theft is a serious problem facing consumers and businesses today. Hackers are no longer interested in breaking into computer systems and causing them to crash. Instead, they now want to keep a system up and running so they can steal information from it, or use it as a launch pad for attacks against other computers. If your identity is 'stolen' you may find yourself with a poor credit rating as the fraudster has taken out loans, credit cards etc., in your name. If you notice any abnormal activity in your financial records, don't hesitate to contact your financial institution to follow up.

Card skimming – be aware

Credit and debit card fraud can happen at bank machines, ABMs, and retailers virtually anywhere. Make sure whenever entering a PIN into a machine you keep it private and keep your eyes open for suspicious-looking devices attached to the machine. You may be unknowingly helping thieves gain access to your bank account.

As long as there are cheques, there will continue to be cheque fraud

Once in a while you need to a write a cheque. Everyone does at some point. After the cheque clears, make sure you look at your account balance to ensure that the appropriate amount has been deducted. Try to avoid carrying your cheque book around with you unless you really need it.

Friends don't ask friends to move their money

Friendships may run deep, but we don't advise that you make financial transactions for anyone but yourself. This way, you can be assured that you're the only one performing any actions through your account. The less people that have access to your account(s) the safer and more secure. Also, if anyone you don't know ever asks you to perform any sort of financial transaction on your/their behalf, just say no.

Advance fee fraud: one of the oldest tricks in the book

This is the type of fraud where you're persuaded by way of a false promise or guarantee to send small(ish) amounts of money in the hopes of reaching a large (imaginary) pot of gold at the end of the rainbow, such as lottery winnings or someone who needs help moving money out of the country. Scams like this come in the form of letters, emails and offers in advertisements, where they typically want you to invest in some sort of "opportunity" too good to be true. And guess what – it is.

Back to Top

 

 

10 Tips to Protect Your Identity

  1. Before you reveal any personal information, find out how it will be used and if it will be shared.
  2. Don't carry your Social Insurance card; leave it in a secure place.
  3. Put your outgoing mail directly in post office collection boxes or at your local post office.
  4. Promptly remove mail from your mailbox after delivery.
  5. Ensure mail is forwarded or re-routed if you move, change your mailing address, or arrange for pick-up if you are away for an extended period.
  6. Do not give out personal information on the phone, through email or over the Internet unless you have initiated the contact or know who you're dealing with.
  7. Keep items with personal information (e.g. bank statements, receipts, tax records) in a safe place.
  8. An identity thief can pick through your garbage or recycling bins. Be sure to shred receipts, copies of credit applications, insurance forms, physician statements, and credit offers you get in the mail.
  9. Check your financial statements on a regular basis and report any suspicious activity.
  10. When disposing of a computer or other electronic storage device, make sure to remove all personal data first.

Back to Top

 

 

Online Banking Checklist

  • Don't allow your computer programs and browsers to save your password(s). For example, when you encounter a pop-up box that asks if you would like your password to be remembered, always click "No". Saying "OK" can give anybody using your computer access to your personal information.
  • Protect your PIN. Your PIN, along with your Client Number, are the access keys to your financial information. Make sure you memorize your PIN and don’t reveal it to anyone.
  • Don’t send personal information (such as your Social Insurance Number, account numbers, passwords, etc.) through email.
  • While logged into any online account, do not leave your computer unattended. Although inactivity while logged into your Tangerine Account will force your session to time out, it’s better to log yourself out when you're done.
  • We recommend avoiding the use of public or shared computers for Internet banking. Many are OK for just surfing, but don't access sensitive information or use a log in and password. You never know if that PC is properly secured.

Back to Top