Information Security Tips

In order to ensure online safety, it is recommended that this informational help page is periodically reviewed in order to remain abreast of any evolving security threats or changes in security procedures.

Keeping Private Information Safe


Usernames, Logins and Passwords

It is of utmost importance that login credentials are secured as these constitute the entry-points to CENTRIC platforms. The following guidelines can assist in keeping your private information safe:

  • Avoid re-using the same usernames and passwords that you use for other website logins
  • Do not use information that can be easily deduced
  • Even though your user ID (usually the email address) itself is not confidential, do not write it down on anything that can be easily found by a malicious person.
  • Never write down or reveal your password, SecurID Serial or pin number to anyone, including CENTRIC Support Teams
  • Change your password periodically
  • Ensure that you are not being observed when entering your password
  • Periodically check your keyboard and computer to ensure that no key loggers (devices that record keystrokes) are maliciously connected

Many browsers contain auto-complete functionality. Whilst this saves time for the user, it also allows unauthorised individuals to log into your account if your computer remains unlocked and unattended. It is recommended that you disable your web browser’s auto-complete functionality.

Whatever the circumstances, never communicate your PIN/secret code to anyone (including support teams) and make sure nobody knows it.

Last but not least, if you lose or believe you could have lost your token, please contact CENTRIC Client Service Desk as soon as possible so that we can disable your token.

Authentication Devices

Should you be issued with authentication tokens or one-time passwords sent to a mobile device, please ensure that these devices are kept secure at all times.

Do not communicate by phone or to an unknown email address the serial number written behind the token, even if claiming to be from a support team, unless yourself have contacted a relevant support team earlier for a PIN reset or card synchronization issue. In the later case, it is OK to communicate the serial number to CENTRIC Client Service Desk for action.

In any case, do not paste or write anything on the SecurID token!

Logging Out

If you are away from your computer for an extended period of time, please ensure that you log out of all running applications. It is highly recommended that browser applications are closed fully after using any CENTRIC platforms.

Viruses and Spyware

Anti-Virus software, anti-spyware software, and personal firewalls should be installed and continually kept active on your computer. Security patches and virus definitions should be periodically installed and updated in order to ensure that any bugs and security loopholes are closed.

Your Personal Information

Please keep your relationship manager updated with accurate details of your personal information.

Avoiding Fraud


Verifying Website

Navigating to the Website should always be done through known hyperlinks. Please read the address bar / URL carefully and always ensure that it is correct.

Another method of verifying the authenticity of a Web Site is to check the digital certificate for websites that begin with “https”. Certification Authorities (such as Verisign or Geotrust) are trusted third party issuers of digital certificates which verify that the website URL is a genuine site of the company or business in question. Click on the padlock next to the URL to see details of the Certification Authority:

Trusted Computers

Do not use public or shared computers for the purposes of accessing e-banking services or conducting transactions.

Fraudulent Emails and Websites

Remain vigilant for suspicious emails and websites that attempt to use deceit in order to reveal sensitive information. CENTRIC will never ask you for private information by email and will not send e-mails with embedded hyperlinks to transactional websites.

Also, please be aware that in some email applications such as Microsoft Outlook, a text hyperlink may be displayed but actually clicking on the hyperlink may direct you to another website. This is known as phishing. Phishing websites are designed to look identical to genuine websites. Additionally, some emails may contain image files that appear to look like text. Hovering over the image and clicking may lead you to a phishing website. Ensure that the guidelines for verifying CENTRIC websites (above) are followed.

We Are Here To Help


Should you suspect any unauthorised access or have any outstanding queries regarding Information Security, please promptly contact your relationship manager or support team.

Singapore
Email:
CSD_SINGAPORE@asia.bnpparibas.com
Hotline:
+65 6210 1093

Hong Kong
Email:
CSD_HONGKONG@asia.bnpparibas.com
Hotline:
+852 2108 5449

London
Email:
CentricClientServices@uk.bnpparibas.com
Hotline:
+44 (0)207 595 8886

Saudi Arabia
Email:
csd.ksa@bnpparibas.com
Hotline:
+966 (0)11 273 9163
Support hours:
Sun-Thu from 08:30AM to 05:30PM

India
Email:
csd_mumbai@asia.bnpparibas.com
Hotline:
+1800 267 7766