Simple steps to ensure your safety banking experience Commonwealth Bank committed to provide a secured banking environment for our customers. Therefore below are some guidance that will help Customer to avoid scam and giving Customers secured banking experience. General Safety Guidance Do a regular review. Always check your statements and report any unauthorized transactions to the Bank immediately through our nearest branch or calling our Call Commbank at 15000 30 and (62 21) 15000 30 for access international. You can catch unauthorized transactions early by checking your account details regularly at least once a week. Protect your PIN. Make sure your PIN is not too personal and do not share your PIN to anyone. Avoid using your birthday, phone number, or other personal identification numbers in your password. To increase the safety level, please use unique combination number for your PIN. Be aware of scam. If you receive a call from anyone purporting to be Bank staff requesting your PIN or Password, be suspicious as Bank staff will NOT call you and ask you to disclose your PIN or password. Also be aware of spam e-mails, chain letters and persons purporting to be representatives of government departments, financial institutions or other businesses. Do not share your confidential details to any person. Do not give or send your name, bank account details, and copies of your identity, birth certificate or any other personal details to anyone other than for legitimate purposes. Pay attention to your transactions. Never pre-sign a blank form such as withdrawal form, transfer form or any transaction related form Using ATMs Immediately sign Card you received from Bank After you received your ATM PIN paper notification, change your ATM PIN immediately and destroy any paper notification. Ensure that you’re the only person that knows your PIN. Never write it down on any type of media especially keep your PIN number in your wallet. Always be conscious at the time you do transaction at ATM. Never let a stranger assist you at the ATM, protect your ATM and PIN. If you spot anything unusual about the cash machine (for example if there is additional device on the card slot or ATM keypad which not perfectly attached), or if there are signs of tampering, don’t use it. Report it to the bank concerned immediately. Ensure that no one can observe you entering your PIN when using the ATM. To protect your PIN details, cover your hand when entering your PIN at an ATM. When your transaction is complete, recover your card, your receipt and any cash you have requested from the automated teller machine and promptly leave the area. Save and count your cash immediately and always keep the receipt. If your ATM card is stuck or swallowed by the ATM, immediately make sure to contact our call center Commbank at 15000 30 and (62 21) 15000 30 for access international and do not take any advice from any parties to contact a phone number other than the Bank official phone number. Immediately notify the Bank if your ATM has been lost or stolen by contacting our nearest branch or calling our Call Commbank at 15000 30 and (62 21) 15000 30 for access international. Be alert. Put your personal safety first. If someone makes you feel uncomfortable, cancel the transaction and use a different machine. Don’t accept help from seemingly well-meaning strangers and never allow yourself to be distracted. If there is someone who follows you after you make an ATM transaction, go to the crowded place and call the police. Be discreet when withdrawing cash at an ATM. If any activity during the transaction concerns you, please contact us immediately by visiting our nearest branch or calling our Call Commbank at 15000 30 and (62 21) 15000 30 for access international. Debit cards Ensure the amount transaction on EDC machine is accordance to your amount of transaction. Keep your debit card in sight during a transaction and try not to let your card out of your sight when making a transaction. Cover your hand when entering your PIN to the EDC machine. Check receipts against statements carefully. Contact the Bank immediately if you find an unfamiliar transaction Transaction receipts should be kept secure. Store your statements, receipts and financial documents safely and destroy them, preferably using a shredder, when you dispose of them. Cut expired cards through the magnetic strip and/or chip when replacement cards arrive, because the magnetic strip equipped customer data electronically that must be immediately destroyed. If any activity during the transaction concerns you, please contact us immediately by visiting our nearest branch or calling our Call Commbank at 15000 30 and (62 21) 15000 30 for access international. Passbooks Keep in a safe & secure place. Don't give your passbook to another person. Never pre-sign withdrawal forms. Immediately notify the Bank if your passbook has been lost or stolen by contacting our nearest branch or calling our Call Commbank at 15000 30 and (62 21) 15000 30 for access international. Creating a secure password In order to do transaction either from ATM / Internet Banking / Mobile Banking Commonwealth Bank, Here are some tips to protect your PIN: Change your PIN regularly to avoid unauthorized party to access your account. You can change your ATM PIN through Commonwealth Bank ATM Machine and please find how to change your Token PIN in Token. Please ensure that you do not tell anyone regarding your ATM or Token PIN. Please avoid using same PIN number for all of your financial transaction purposes either through ATM or Internet Banking. Do not use your User ID number as your PIN number Please avoid using PIN number according to your birthday date or sequential numbers (123456) or repetition numbers (33333). Do not write down your PIN number on paper or any other media that could be read by others such as on computer hard disk or your cellular phone. It is better to memorize it than to write it down. Our staff would not ask for your PIN number, even more to have your confidential information shared through unsecured media such as e-mail. Please be aware of e-mail asking your confidential data related to your Account number / User ID / Card Number / PIN number. Check your account regularly and please contact Call Commbank soon if you notice any suspicious activity from your account and change your PIN. Mobile phone security tips Mobile phones offer you the convenience of managing your share portfolio, transferring funds and completing your everyday banking needs wherever you are. It is important to remember that you should be cautious about how you use your mobile, and that, just like a computer, your mobile needs to be kept secure to protect you from identity theft or fraudulent transactions. Some simple security steps you should take include: Use the official CommBank mobile application and log out after every session For BlackBerry user, download the official Commonwealth Bank Mobile Banking Application through m.commbank.co.id or through BB Appworld application by searching “Commbank ID” then download the application to your mobile phone. For iPhone/iPad user, download the Commonwealth Bank Mobile Banking Application through Appstore by searching “Commbank ID” then download the application to your mobile phone. Commonwealth Bank Mobile Banking Application equipped with Security Socket Layer to ensure your safety, but we recommend you to have appropriate anti-virus/spyware software installed on your mobile phone. Never allow application or files to be installed from unknown sources particularly on smartphones/tablets Avoid using public networks such as Wi-Fi networks to complete your online trading or banking transactions Only do your banking transactions via wireless hotspot if you are certain of the integrity of connection Set up a password or passcode on your phone or tablet and keep it locked when you’re not using it. Ensure that only you have access to the password or passcode. Delete any old messages which may contain information from financial institutions Be aware of people looking over your shoulder when entering your Token PIN when using Mobile Banking Application. If you receive a suspicious text messages regarding your account, please contact CommBank immediately to confirm its authenticity Do not respond to text/email or phone requests to provide your Client Identification Number and/or password If you sell your phone/tablet or give it away, make sure you complete a factory reset to clear all your content from it. If your phone is stolen, tell your provider straight away to block the number. You should then change any passwords for online accounts you access through your phone as soon as possible.Keep your profile contact details up-to-date so that we can contact you if we suspect any suspicious activity on your account. If you lost your Token please contact Commonwealth Bank through Call Commbank at 15000 30 and (62 21) 15000 30 for access international. Internet Banking security tips Some simple security steps you should take include: Avoid using unprotected PC or public terminals such as cyber cafes. Never leave PC unattended when on internet banking in public place. If you visit a website through your mobile or tablet and the URL looks suspicious, close it down straight away. Please be aware that the link to Commonwealth Bank internet banking starts with HTTPS (Hypertext Transfer Protocol Secure) for secure communication over a computer network. Never reply to emails or any the telephone to anyone (including reasons identifying themselves as Bank personnel) asking for your password or PIN Visit Bank’s website by typing the URL into the address bar and not by clicking a link in an email Log off and close your browser when you have finished using internet banking Ensure you have an up-to-date anti-virus and spyware program and perform regular scan system Protect your Token including your username and password Immediately notify the Bank if your Token has been lost or stolen by contacting our nearest branch or calling our Call Commbank at 15000 30 and (62 21) 15000 30 for access international. For any further inquiry, please contact our nearest branch or Call Commbank 15000 30 and (62 21) 15000 30 for access international. As our customers, you can remain confident that Commonwealth Bank is backed by committed banking professionals. We would like to thank you for banking with us and your continued support of Commonwealth Bank. What is Phishing ? Phising is one of social engineering techniques used by perpetrator to retrieve a recipient’s confidential information in an illegal manner. Typically, phising activities can be found as legitimate-looking email seemingly sent from the related Bank, credit card company, and other related financial institution to trigger the recipient to reveal personal information such as User Id, Password and others. Tips to avoid phising Make sure you access Commonwealth Bank’s official internet banking page at www.commbank.co.id site and click LOGIN or directly go to Internet Banking login page. To avoid error in writing the address site, save Commonwealth Bank’s website address in the Favorites menu or bookmarks. So next time you would like to access the Commonwealth Bank’s internet banking page , you can simply choose from favorites menu or bookmarks. Beware of any e-mail that urges you to access links to update your account information , especially email with misspelling words and common greeting such as "Dear Mr/Mrs". If you receive suspicious e-mail whose look and feel are almost identical with official e-mail, you should do : Forward the e-mails to Customer Care to confirm or please inform Call Commbank 1500030. Delete the e-mails if you believe it did not come from the Bank or you may delete right after getting Bank’s confirmation. Make sure you also delete thee-mails from the recycle bin. Visit the official website page by typing the web address ( not clicking link given in the e-mails ) If you already provide the personal information or feel that your User ID and PIN are no longer secret, please contact Call Commbank at 1500030. Do not easily provide personal information or Customer’s private data to other parties. Never provide your banking information such as ATM PIN, Card Number, User ID, Internet Banking (IB)/Mobile Banking (MB) Password to anyone , including people who are claiming as Bank’s officer. The Bank will never ask your password or PIN. When doing internet banking transaction, always use limited internet network access, for example Home or Office Network, and avoid using public network (free WI-FI) which easily accessible to anyone. Do your regular check on your Bank account through IB/MB. Please report to Bank immediately should you find unrecognized transactions. Update your PINpassword regularly. Update the anti-virus software on your hardware device that used to access the internet network. Do not access high risk website with many additional content such as advertisement, online games, additional window, etc, on your regular device that used to do online transactions. Postponed the transactions, please report immediately or do confirmation through Call Commbank service, should you find irregular items in Commonwealth Bank’s website, www.commbank.co.id Back up your private data regularly. Subscribe yourself to get SMS or Email Notification for any transactions. So in the event of unrecognized or illegal transactions done without your authorization, it will be immediately notified. Immediately report and demand account blocking should you find any transactions done without your authorization. Malicios software (device damage) Malicious software or commonly named Malware, is a software for malicious intent, used to disrupt a system, gather classified information or access a personal computer or system. It can be in the forms of Trojan, Worm, Spywares and others. Trojan is a software which can emerge as dangerous malicious application.Trojan does not replicate themselves and claim to clean computer from virus or any other dangerous application. Trojan can emerge as pop-up or does not appear at all and can damage secretly. Worms is a program that can harm and exploit computers in a network through security holes. Having the holes found, worms will replicate itself from one to other computers and can be destructive like a virus. Spyware is the type of software that is secretly collect information about the internet users. Adware is a spyware that used to trace the habit of internet users, as frequent website’s visit , articles read or other links that frequently visit.The information used to adjust advertising that will appear directly to users. Tips for Safety in Transactions : Clean your device from Malware with anti-virus software , anti-spyware or other programs that can be trusted. Do not login IB first , before all of your devices are free from Malware. Make sure you type the correct IB URL Commonwealth Bank. For safety reason, keep the address as bookmark in your browser. You will be required to have token response when doing transactions including Own Account Transfer. If you find suspicious things when doing transactions in Internet Banking, stop and log out immediately and dial Call Commbank. What is ATM Skimming ? ATM skimming is when someone illegally copies your account details from the magnetic strip on your credit or debit card when you use an ATM. Card skimming can also happen when you use EDC machine while doing payment on a merchant. The fraudster then uses your details to create a fake or ‘cloned’ card. In most cases, they use the fake card and PIN to withdraw money from an ATM either within Indonesia or overseas. How do skimming devices work? For ATM skimming, a fraudster attaches: Skimming device over the card entry slot to capture your card details, and Camera to see the keypad and capture your PIN. For EDC skimming, the fraudster captures your card details and PIN by replacing a genuine EDC device with a tampered device which looks and works like a normal EDC device. EDC skimming is difficult to detect and will not be identified until we, or you, find irregular transactions on your account. What is the Commonwealth Bank doing to protect customer’s account from ATM skimming? We take card skimming very seriously and use leading edge technologies that: Monitor ATM machine 24 hours and detect if someone has attached a skimming device to an ATM. If so our Security will immediately go to the location to completely check the ATM machine and ensure the skimming device is found, Monitor and analyze your transactions 24 hours a day. If a suspicious transaction is found, then one of our fraud analysts will contact you to confirm the transaction and prevent any further losses. We also constantly monitor both local and international fraud trends to make sure we are aware of the latest scamming developments. Warning signs — what should customers look out for? You can identify warning signs indicating ATM skimming through these: Does the ATM look like it normally does – can you see any unusual additions, marks or physical changes? Are there any signs that someone has tampered with the ATM? Please be alert when you see any glue residue, exposed wires, pieces of double-sided tape, etc. You notice something suspicious about the card slot on an ATM (e.g. an attached device). A shop assistant takes your card out of your sight to process your transaction. A shop assistant asks you to swipe your card through more than one EDC machine. You notice unusual or unauthorized transactions on your account statement. If you notice any of these warning signs, DO NOT do any further transaction and contact Call Commbank 115000 30 and (62 21) 15000 30 for access international Be Alert with SIM Card Hijacking What is SIM Card Hijacking crime? A process of taking over mobile phone number using personal identity informations such as ID Card, Driving License, and other to get the new SIM Card with the same number to access banking account through electronic channels such as internet banking, mobile banking, SMS banking that is normally send all the transaction authentication code to registered mobile phone number. Hijacking process is done by criminal when your mobile phone is being inactive. Tips for your security: Protect your personal information (personal data, banking data, internet banking / mobile banking Password, ATM PIN, etc.) and do not share with others. Activate short message services (SMS) and e-mail alert to receive banking transaction notification. Do not publish your mobile phone number in social media account. As much as possible, differentiate your mobile phone number for banking transaction with social media phone number. Hide your account number in your banking transaction receipt if you are requested to show your transaction receipt via short message services (SMS), WhatsApp, e-mail or any other communication media. Protect your mobile phone with password. Bank officer will never ask your confidential transaction information such as internet banking/mobile banking, ATM PIN and others. Contact our Call Center and block your Account if you suspect someone is accessing your account without your attention. "Always BE CAUTIOUS before conducting Banking TRANSACTIONs. IF THERE IS ANY PROBLEM/SUSPICION, IMMEDIATELY CONTACT CALL COMMBANK 1500030 or (6221) 2935 – 2935 for international access"