At Post Office® Credit Cards and Savings we understand how important the security and confidentiality of your information is. Keeping customers information secure is a top priority for us, but it is also important for you to protect your security online.

• Security Procedures
• 10 Steps to Good PC Hygiene
• How to protect your online security
• How we protect your security online
• Fraudulent emails and website
• Secure Browser
• Firewall
• Browser Encryption

Security Procedures

10 Steps to Good PC Hygiene

1. Always log-out of your browser before and after you use Post Office® Credit Cards and Savings.
2. Do not release passwords (power-on, sign in, screensaver, Internet account, Post Office® Credit Cards and Savings, etc,) to other individuals. Remember that you alone are accountable for actions carried out when your user identification is used.
3. Ensure that the operating system and other software on your PC is fit for purpose and is configured appropriately.
4. Ensure that the operating and other software are regularly updated with relevant security patches and bug-fixes (available frequently from the vendor sites).
5. Ensure that you have up-to-date, supported and licensed anti-virus software in place.
6. Do not open unsolicited e-mail (in particular, any attachments that are associated with this form of communication).
7. Do not send confidential information via Internet e-mail.
8. Always check the validity of the certificate on a website where you enter personal details (passwords, payments etc.).
9. Be wary of the content of un-solicited e-mails appearing to come from a trusted source asking you to validate your logon/ payment credentials. Always check with the institution first using their pre-registered/ published contact details (not details supplied in the e-mail).
10. If in doubt please e-mail us at fsenquiries@postoffice.co.uk.

How to protect your online security

Monitor your accounts and notify any unusual account activity or discrepancies between your records and our records immediately.

Always make sure that no one is watching as you enter your User ID, PIN and password information.

Never reveal your User ID, PIN or password information to anyone.

Never write it down where anyone can find it or figure out what it is.

How we protect your security online

Post Office® Credit Cards and Savings require the use of a secure browser to access account information and perform transactions.

Post Office® Credit Cards and Savings is protected by a firewall, which forms a barrier between the outside Internet and the internal network.

We use what is known as 128 bit SSL to ensure the highest level of security of information passing between our customers and ourselves.

Your name, address and full account number will never appear on screen. Beneficiary names will appear on screen.

After a period of inactivity your current session on the web site will automatically timeout. To restart your session, all you have to do is re-enter your User ID, PIN and password at the sign in screen.

Fraudulent emails and website

A number of financial organisations and their customers have recently been the target of Hoax emails and websites pages which are aimed at gathering customers internet account details. To date the instances have been small but we would always advise caution with your personal details. Post Office® Credit Cards and Savings policy is to never ask you for account details or confidential information via email.

If you are sent such an email or access a screen requesting ATM or Card Pin details then report it immediately to fsenquiries@postoffice.co.uk. Do not reply to it and do not follow the instructions specified, regardless of how genuine the website may look. As an additional precaution it is advisable to have the latest Anti-Virus Software installed on your PC.

If you have any queries regarding this topic or are concerned that you may have inadvertently provided your details to a third party please e-mail us at fsenquiries@postoffice.co.uk.

Secure Browser

A secure browser means you can send and receive messages using technology, which encrypts the information so it's virtually impossible for anyone other than you and Post Office® Credit Cards and Savings to read it. An Internet browser that has SSL encryption version 3.0 or higher to conduct secure transactions over the Internet. Netscape Navigator, Netscape Communicator, and Microsoft Internet Explorer are all secure browsers that employ Secure Sockets Layer (SSL) technology to communicate with servers.

Secure Socket Layer (SSL)

An encryption that creates a secure communication channel by scrambling information while it is transmitted over the Internet to prevent the information being tampered with. SSL authenticates that the server you've connected to is the one it purports to be. You can be assured that you are actually communicating with the bank, and not a third party trying to intercept the transaction.

Firewall

The purpose of a firewall is to ensure only the Post Office® Credit Cards and Savings traffic is allowed to pass to the internal banks systems and networks - all other traffic from the Internet is rejected. The firewall verifies the source and destination of each message, and determines whether or not to let the message through. Access is denied if the message is not directed at a specific service.

Browser Encryption

Internet communications are not secure unless the data is encrypted. This allows for the transfer of digitally signed certificates for authentication procedures and provides message integrity, so that information cannot be tampered with in transit.

When a session is encrypted, certain aspects of the Browser change:

In Netscape Navigator 2 and 3 the key icon at the lower left corner of the browser's screen becomes solid, and a blue line appears at the top of the screen. If the key icon appears broken, encryption is not in use and the current session is not secure.

In Netscape Communicator, the key icon is replaced by a padlock icon, which appears locked when encryption is in use.

Internet Explorer similarly uses a padlock to show encryption but it is positioned at the lower right hand side of the browser.

To confirm that your information is encrypted, place your cursor in the frame you want to check and perform the following steps:

With a Netscape browser, right-click, select 'View Frame Info' or select 'View'\'Page Frame Info' from the browser menu bar. For Macintosh users, Ctrl-click, select 'New Window with this Frame' or select 'View'\'Page Info' from the browser menu bar. With an Internet Explorer browser, right-click, select 'Properties.' For Macintosh users, Ctrl-click, select 'Open Page in New Window.'

Check the web address that you have accessed. If you are in a secure area, the address will appear as https://www. Notice the "s" in the address. This means that you have accessed a secure server.