Secure login: additional measures
KAS BANK applies the highest security standards to ensure that your online financial transactions are fully secure. Here we have listed additional measures that you can take to guarantee the integrity of your own network and connections. We have identified three key areas to be addressed in order to use our internet banking system securely:
- your computer
- the internet connection with our website
- transaction validation.
The correct configuration of your PC plays an integral role in achieving optimum security. It is advisable to check both your PC settings and software on a regular basis.
internet connection with our website
- Is your operating system up to date? Have you installed the latest security patches? (Contact your vendor for more information.)
- Is your wireless connection properly secured?
- Are you using the latest version of your web browser? If not, updates can be downloaded free of charge.
- Is your browser correctly configured? You should also ensure that the security level is set to ‘normal’.
- Have you installed a firewall? Is it active and fully up to date?
- Have you installed anti-virus and spyware scanning software? Is it active and up to date?
Our internet banking system is accessed through an encrypted https connection. Online fraudsters may attempt to circumvent our security by luring you to a fraudulent website. It is important, therefore, to verify that the website you are accessing is authentic.
- In the address bar of your browser, does the URL begin with https:// ?
- Is the domain name of the website you are visiting correct? Check for https://token.kasbank.com or https://smartcard.kasbank.com.
- Is the url of your browser colored green? You can check the certificate by double-clicking. Maybe your browser shows a padlock symbol in the url area. In this case, double-click the padlock.
- Does the certificate correctly identify the KAS BANK website?
- Are the time and date of your last login correct?
- Does the login process proceed as you would expect? Unusual error messages or error pages may indicate tampering.
- Each time you log in a User ID and pin or User ID, response and password are required:
Before validating an instruction, always check the amounts, counterparty and other instruction details carefully.In short: treble check!
In short: check your PC, your internet connection and details of financial instructions to ensure safe online banking. Also, you might want to have a look at this website initiated by the British payments organisation APACS, which is dedicated to safe online banking: Banksafeonline.org.uk
.Fraud through website spoofing and email scamsLottery / Letter or Email Scams
If you receive a letter or email that appears to be from KAS BANK stating that you have won a lottery or any other prize in an anonymous competition, you should ignore it. These letters and emails are fraudulent. If you respond, you will be asked to pay upfront in order to collect your prize.Investment proposal / Letter or Email Scams
If you receive a letter or email stating that KAS BANK has accepted your investment proposal, please ignore it – this correspondence is fraudulent. KAS BANK does not offer credit finance to businesses. You will be asked to transfer money in order for your account to be set up. In reality, KAS BANK does not charge for this, and does not accept clients by email or letter alone. The additional documentation required for new clients is clearly stipulated by our regulatory authorities.Website spoofing / Website or Email Scams
If you receive an email purporting to be from KAS BANK, containing a link to any domain other than www.kasbank.com, please ignore it, both email and website will be fake. Should you follow the link, you will be directed to a website imitating the look-and-feel of our corporate pages. Please note, KAS BANK will never ask for confirmation of personal information through its web pages, nor does the procedure to establish a client relationship involve submitting information through our website.Best practices
- don't provide personal information by email or through websites
- never pay money upfront for opening accounts or collect prizes
- paste a link to KAS BANK's website in your favourites folder
- report fraud or your suspicions to our security coordinator.
At KAS BANK, we consider the security of our systems a top priority. But however much effort we put into system security, vulnerabilities can still exist. If you discover a vulnerability in our internet services, we would like to know about it so we can take steps to address it as quickly as possible. We would like to ask you to help us better protect our clients and our systems. Examples of such vulnerabilities are:
- Cross site scripting
- SQL injection
- Weak encryption
Do not use this email address for other purposes like reporting complaints, fraud, phishing mails or viruses. You can either report anonymously or leave your name and phone number.
What we expect:
- Do provide sufficient information to reproduce the problem, so we will be able to resolve it as quickly as possible. For instance, the IP address or the complete URL of the affected system and a description of the vulnerability will be sufficient, but complex vulnerabilities may require further explanation;
- Do not cause damage to our services or systems;
- Do not take advantage of the vulnerability or problem you have discovered, for example by downloading more data than necessary to demonstrate the vulnerability or deleting or modifying other people's data;
- Do not reveal the problem to others;
- Do not use attacks on physical security or by social engineering, distributed denial of service, spam or applications of third parties, and
What we promise:
- We will respond to your report as soon as reasonable with our evaluation of the report and an expected resolution date;
- If you have followed the instructions above, we will not take any legal action against you in regard to the report;
- We will handle your report with strict confidentiality, and not pass on your personal details to third parties without your permission;
- We will keep you informed of the progress towards resolving the problem;
- As a token of our gratitude for your assistance, we offer a reward for every report of a security problem that was not yet known to us. The amount of the reward will be determined based on the severity of the leak and the quality of the report.
We strive to resolve all problems as quickly as possible.