As you'd expect from a bank, we take security very seriously - here are some things we do to keep you safe. To help you spot fraud, we’d also like you to know the things we’d never do.

What we do

• Provide around the clock debit card transaction monitoring.
• Provide 24/7 phone support to answer your questions about your debit card.
• Let you freeze and unfreeze your card whenever you need to.
• Temporarily block accounts and debit cards if fraudulent activity is suspected.
• Automatically log you out of Internet Banking and the app after a period of inactivity.
• Keep you up to date with fraud protection advice.
• Send text alerts when online or card transactions are made.
• Temporarily suspend your Internet Banking if left dormant for a long time.

What we’ll never do

We will never contact you out of the blue to ask you:

• For your mobile app passcode.
• For your digipass PIN.
• For your card number or PIN.
• To transfer money out of your account.
• To click a link in an email to our Internet Banking.
  

If in doubt, call us on the number on our website, or delete the email without opening it.

Learn more about how to stay safe online or visit the action fraud website.

Bank impersonation fraud is when a fraudster impersonates someone from the bank in order to trick a victim into making payments to a fraudulent account.

What a fraudster might do:

• A fraudster usually calls their victim, though may use email or another contact method. It’s likely they already know information about the victim, including their name and who they bank with.
• While impersonating the bank staff member, the fraudster might tell the victim their account is under threat and they need to make payments to a “safe account” or set up payments in order to “block the funds”.
• The fraudster might ask for details from the Digipass so they can access the account and make payments to the fraudulent account themselves.
• The fraudster might ask the victim to download screen sharing software so they can view or control the victim’s computer. This can make it easier to take control of the account.
• In any scenario, the fraudster will foster a feeling of panic in order to get the victim to comply with their requests as quickly as possible.
• Fraudsters might also impersonate other well-known, trusted companies such as Microsoft, Apple, BT or HMRC.

What Triodos Bank will never do

• We’ll never call you to tell you to log into internet banking or to make a payment to a “safe account”. If we believe your account to be under threat, we can block the account ourselves and do not need you to do anything from your end.
• We’ll never ask you for your full Digipass number or your Digipass PIN.
• We’ll never ask you to download any software onto your PC or mobile phone.

What you can do to protect yourself

• Never give out your personal details to someone who has called you unexpectedly.
• Never download any software onto your PC or mobile phone when asked by someone over the phone or by email – even if you think you are speaking to a trusted organisation.
• Never give anyone your Digipass number or your Digipass PIN. Triodos will never ask for this information.
• Do not let someone else use your Digipass – even a colleague or family member. Your Digipass is assigned to you as an individual and must only be used by yourself. If you leave your place of work, please let us know and we can arrange for your Digipass to be cancelled.
• If you are unsure about someone who has called you claiming to be from the bank or another company, hang up and call back on the company’s published telephone number.

1. Contact us immediately on 0330 355 0355 (or if abroad on +44 (0)1179 739339) if:

• You’ve lost your card or suspect it has been stolen
• You’ve lost any of your security details or think they have been stolen
• You think someone else may be able to use your card or security details

For card related queries, we're available 24/7. For other fraud related queries, we're available 8am-6pm Mon-Fri (9am-6pm Thu), and 10am-4pm weekends.

2. Once you've contacted us:

• We'll ask you for all information you have about the loss or theft and may require you to report it to the police
• If you find your card after reporting it as lost or stolen do not use it. Destroy your card immediately by cutting through both the magnetic stripe and chip

3. Once you’ve let us know, you can also report it to Action Fraud – the UK’s national fraud and cyber crime reporting centre:

• Call: 0300 123 2040
• Report it online: actionfraud.police.uk

When you open an account with us, we need to obtain sufficient proof of your identity and address. We do this to satisfy our legal obligations and protect you, the public and Triodos Bank against fraud and misuse of the banking system. To help us verify your identity, we may use the details you provide to do electronic searches about you at credit reference agencies. They will supply us information from databases, including information from the Electoral Register and fraud prevention agencies.

In order to safeguard your personal information and money we require a three stage login process for internet banking, one of which involves the use of a digipass. This is similar to the card reader facility at some other banks and is used along with other systems to ensure your finances are kept safe. We constantly review our security measures and publish guidance on steps that can be taken to prevent fraud such as the Take 5 campaign through FFA UK.