|
|
 |
|
|
| Home
 |
Security
Information |
|
 |
|
 |
| |
|
|
|
 |
 |
|
 |
Preventing online frauds |
|
|
| |
 |
Fake websites |
| |
 |
Customers are reminded to be
vigilant of any fraudulent websites
which seek to pass off as www.boci.com.hk |
 |
Do not disclose your online
account or personal information
unless you are completely sure
that you are connected to www.boci.com.hk |
 |
Do not open e-mails from unknown
sources or follow any suspicious
URL links in the emails. Do not
enter into suspicious websites. |
 |
You should type in the web
address of BOC Credit Card (International)
Ltd ("Card Company")
(www.boci.com.hk) into the browser
address bar. |
|
| |
|
 |
Phishing
emails |
| |
|
|
|
|
|
|
 |
|
 |
Using 'Online Services' |
|
|
| |
 |
Online Services provides various security measures
to protect your financial information:
|
| |
|
| |
|
 |
We strongly
suggest you adopt the following measures
to ensure safety when using the online
financial service¡G |
| |
 |
Properly set up and keep
your personal password:
- Create a password with
more than 6 characters containing
a combination of both random
letters and numbers.
- Do not use easy-to-guess
numbers or words as your password,
such as your birthday, ID
card numbers, telephone numbers,
names or other personal information
that can be easily accessed.
- You should avoid using your
online services password as
your password for other services
such as your online account,
bank account, emails etc.
- Do not disclose your Online Services or other online
financial service password
to anyone (including card
center and bank staff and
police).
- Please memorise the password.
If you write down the password,
please keep it in a safe place
away from the User ID and
account number.
- Change your password regularly.
For the sake of your information
security, if your password
has not been changed for more
than 90 days, our system will
remind you automatically.
- If you suspect your password
has been disclosed, please
inform us immediately.
|
 |
Do not share your account with
other people. |
 |
Do not access Online Services
from a shared computer in public
(such as cyber cafe, internet
bar, libraries, etc.) |
 |
Remember to keep your transaction
records. When you have completed
your online transaction, note
down the reference numbers or
transaction numbers. You can also
make a print copy or save it as
a file for future reference. |
 |
You can click the lock or the
key below the browser to check
the certificate to ensure that
you are connected to the Online Services. |
 |
Do not use links embedded in
emails to access Online Services.
|
 |
Close other browser windows
before accessing Online Services.
|
 |
Do not leave your computer unattended
before logging off from the online
banking service. Every time when
you finish using the Online Services, you must click the 'Logoff'
button to exit the system. |
 |
Remember to turn off the "automatic
completion" of your browser
and the "file and print share"
function of your Windows to prevent
others from retrieving your personal
information, including password,
via the network or public computers
that can get access to the online
banking service. |
|
|
|
|
|
|
 |
|
 |
Protecting your computer |
|
|
| |
 |
You may
consider to adopt the following measures
to protect your personal computer¡G |
| |
 |
Avoid letting other people
use your personal computer. You
should set your personal password
for your personal computer if
needed. |
 |
Install a firewall system and
anti-virus software. |
 |
Regularly download and install
updates and patches for your anti-virus
software, computer operation system
and browser. |
 |
Do not use computer software
or programmes that are illegal,
unreliable or from a suspicious
source. |
 |
Keep safely all the devices
for accessing the online financial
service, such as ATM card, smart
card with digital certificate,
other storage media, PIN etc.
|
 |
Consider using cryptography
to protect sensitive data before
transmitting it through a public
network or the internet. |
 |
Have your system and data backed
up regularly and kept properly.
The safest and the most effective
way to recover your lost data
is with back up files. |
 |
Perform transactions with renowned
or reliable online stores only.
|
 |
Heed all security hints provided
by this website regularly. |
|
| |
|
|
|
|
|
|
 |
|
 |
"SMS Alert" service |
|
|
| |
| |
To better protect customers, BOC Credit Card provides them with a free "SMS Alert" service. Whenever your credit card is used, our alert system will immediately evaluate the related transaction. A SMS message will be sent to the main cardholder's cell phone if deemed appropriate. If you cannot recognize the transaction as your own, please immediately call our 24-hour customer service hotline: 2853 8828. If you wish to amend your mobile number on record with us or wish to register for this service using a new mobile number or wish to unsubscribe to this service, please also call hotline: 2853 8828. |
| |
|
|
|
|
|
|
 |
|
 |
Two-factor Authentication Devices |
|
|
| |
| |
BOC Credit Card provides ¡§Security Device¡¨ and SMS-based One-time Password (OTP) for enhancing identity verification through a two-factor authentication process when you conduct ¡§Designated Transactions¡¨ through ¡§Online Services¡¨. If you use a two-factor authentication tool, please note the following items:
¡§Security Device¡¨

To further enhance the security of online transactions, from 18th November 2012 onwards ¡§Online Services¡¨ adopts the use of a two-factor authentication Security Device.
- Effective from 18th November 2012, you can apply for a ¡§Security Device¡¨ via ¡§Online Services¡¨. The requested item will be sent by post to your correspondence address registered with BOC Credit Card (International) Limited (¡§The Company¡¨).
- You are required to activate the two-factor authentication function online before applying for a ¡§Security Device¡¨. Please click here download the application form for registration.
- Upon receipt of the ¡§Security Device¡¨, please log onto the¡§Online Services¡¨immediately and follow our online instructions to activate the ¡§Security Device¡¨.
- Customers are not required to install extra software/driver or to enter any one-time password generated by a third party.
- Customers can choose to log onto the ¡§Online Services¡¨ by entering a one-time Security Code generated by the ¡§Security Device¡¨ to enjoy extra protection for the Online Services.
- You are required to enter specific transaction information (e.g. registered account number) into the ¡§Security Device¡¨ to generate a one-time Transaction Confirmation Code for Designated Transactions.
- Please keep your¡§Security Device¡¨in a safe and secure place. You should not allow anyone to use your¡§Security Device¡¨or leave it unattended. If your¡§Security Device¡¨is lost or damaged, please contact our 24-hour Customer Services Hotline at (852)2853 8828.
- Effect from the 2nd December 2012, ¡§Online Services¡¨ will adopt the ¡§Security Device¡¨ as a two-factor authentication tool to replace the¡§SMS-based One-time Password (OTP)¡¨.
How does the ¡§Security Device¡¨ work?
- Each ¡§Security Device¡¨ contains a unique serial number, internal information and a clock. Once the ¡§Security Device¡¨ is activated, the internal clock will synchronize with our system. When you press the button on the ¡§Security Device¡¨, a one-time Security Code will be generated according to the information and clock inside the device. The Code, for verifying the identity of customers, is valid within a short time interval. If the time allowed for the entry of the Security Code expires, you have to press the button again to generate another Security Code.
Is there any charge for the ¡§Security Device¡¨?
- The ¡§Security Device¡¨ is provided free of charge.
How do I use the Security Device?
- A different Security Code will be generated by the ¡§Security Device¡¨ depending on the nature of the transaction. Customers should follow online instructions to complete authentication procedures.
- When performing general transactions (such as activating the Security Device), you should press the button at the bottom right hand of the device. A 6-digit Security Code will be displayed on the LCD screen of the Security Device. The Security Code, valid within a short space of time, is for one-time use only.
- When performing ¡§Designed Transactions¡¨, you should press the button at the bottom left hand of the ¡§Security Device¡¨ and enter the numbers highlighted in RED online into the number keys of the Device. After you have input the required information, please press the bottom left button again. A 6-digit Transaction Confirmation Code will be displayed on the LCD screen of the ¡§Security Device¡¨. The Transaction Confirmation Code, valid briefly for a short time, is for one-time use only.
What if the message ¡§BATT¡¨ is displayed on the LCD screen?
- ¡§BATT¡¨ means that the Security Device battery is flat. The battery normally lasts for 3 to 5 years, depending on your usage. Application for replacement can be made online. Please note that the battery of the ¡§Security Device¡¨ cannot be replaced. Any attempt to remove the components of the ¡§Security Device¡¨ may cause malfunction of the Device.
If the Security Device is lost or damaged, what should I do?
- If the Security Device is lost or damaged, please call our 24-hour Customer Services Hotline at (852)2853 8828 to report the lost or damage of the Security Device. You can then logon to BOC Credit Card Online Service to apply for a new Security Device.
What should I do if I do not activate the Security Device within 30 days¡H
- If you do not activate the Security Device within 30 days as requested, please call our 24-hour Customer Services Hotline at (852)2853 8828 to reset the Security Device.
SMS-based One-time Password (OTP)
- The BOC Credit Card SMS (if any) in respect of "One-time Password" and "Notification of Execution of Designated Transactions" will be sent only to your mobile phone number registered with The Company . Such SMS will not be forwarded to any other mobile number even if you have enabled the "SMS Forwarding Service" provided by a Hong Kong service provider.
You are advised to check carefully the transaction details in the OTP SMS for two-factor authentication against any transaction conducted by you via the Online Services. Please do not enter your OTP in any web page in case of doubt.
Where to use the ¡§Security Device¡¨
The ¡§Security Device¡¨ provided by The Company is only applicable to¡§Online Services¡¨. If you will register the Internet Banking of Bank of China (Hong Kong) Limited, Nanyang Commercial Bank Limited, Chiyu Banking Corporation Limited in future, your ¡§Security Device¡¨ used for Online Services will be suspended.Please visit any branches of the relevant banks to apply internet banking as well as the registration of two-factor authentication service accordingly. |
| |
|
|
|
|
| |
|
|
| |
| Should you have any question in respect
of the above security warning, please call
BOC Credit Card 24-hour Customer Service Hotline¡G(852)2853
8828 |
|
|
| |
|
|
|
|
| |
| |
|
|