FAQs
As you'd expect from a bank, we take security very seriously - here are some things we do to keep you safe. To help you spot fraud, we’d also like you to know the things we’d never do.
What we do
- Provide around the clock debit card transaction monitoring.
- Provide 24/7 phone support to answer your questions about your debit card.
- Give you the ability to block your card in the Triodos App or Internet Banking.
- Temporarily block accounts and debit cards if fraudulent activity is suspected.
- Automatically log you out of Internet Banking and the app after a period of inactivity.
- Keep you up to date with fraud protection advice.
- Send text alerts when online or card transactions are made.
- Temporarily suspend your Internet Banking if left dormant for a long time.
- Monitor payments to assess whether the payment you are making is likely to have been made as part of a scam.
What we’ll never do
We will never contact you out of the blue to ask you:
- For your mobile app passcode.
- For your digipass PIN.
- For your card number or PIN.
- To transfer money out of your account.
- To click a link in an email to our Internet Banking.
- To download any software onto your PC or mobile phone.
- To authorise or cancel card payments through the app, or approve “refunds”.
If in doubt, call us on the number on our website, or delete the email without opening it.
Learn more about how to stay safe online or visit the action fraud website.
Was this helpful?
Bank impersonation fraud is when a fraudster impersonates someone from the bank in order to trick a victim into making payments to a fraudulent account.
What a fraudster might do:
- A fraudster usually calls their victim, though may use email or another contact method. It’s likely they already know information about the victim, including their name and who they bank with.
- While impersonating the bank staff member, the fraudster might tell the victim their account is under threat and they need to make payments to a “safe account” or set up payments in order to “block the funds”.
- The fraudster might ask for details from the Digipass so they can access the account and make payments to the fraudulent account themselves.
- The fraudster might ask the victim to download screen sharing software so they can view or control the victim’s computer. This can make it easier to take control of the account.
- In any scenario, the fraudster will foster a feeling of panic in order to get the victim to comply with their requests as quickly as possible.
- Fraudsters might also impersonate other well-known, trusted companies such as Microsoft, Apple, BT or HMRC.
What Triodos Bank will never do
- We’ll never call you to tell you to log into internet banking or to make a payment to a “safe account”. If we believe your account to be under threat, we can block the account ourselves and do not need you to do anything from your end.
- We’ll never ask you for your full Digipass number or your Digipass PIN.
- We’ll never ask you to download any software onto your PC or mobile phone.
What you can do to protect yourself
- Never give out your personal details to someone who has called you unexpectedly.
- Never download any software onto your PC or mobile phone when asked by someone over the phone or by email – even if you think you are speaking to a trusted organisation.
- Never give anyone your Digipass number or your Digipass PIN. Triodos will never ask for this information.
- Do not let someone else use your Digipass – even a colleague or family member. Your Digipass is assigned to you as an individual and must only be used by yourself. If you leave your place of work, please let us know and we can arrange for your Digipass to be cancelled.
- If you are unsure about someone who has called you claiming to be from the bank or another company, hang up and call back on the company’s published telephone number.
Was this helpful?
For card related fraud, block your card in the Triodos Mobile Banking App or in Internet Banking. Then, please call us on 0330 355 0355 (or +44 (0)1179 739339 if calling from abroad) to speak to our 24/7 card services department.
For other fraud issues and queries, we're available 8am-6pm Mon-Fri (9am-6pm Thu), and 10am-4pm weekends.
We’ll ask you for all relevant information related to the scam, loss or theft and in some cases may ask you to report this to the police.
We’ll advise you on any next steps, and we may provide you with advice to help keep your account secure whilst we investigate.
Where Fraud is confirmed you should also report it to Action Fraud – the UK’s national fraud and cyber crime reporting centre:
- Call: 0300 123 2040
- Report it online: actionfraud.police.uk
Was this helpful?
If your card or security details are used to make a payment or transfer without your permission, we will refund the full amount (minus £35 where applicable) of the payment as soon as is operationally possible. This includes repayment of any interest or charges incurred as a result of the payment. However, you must notify us as soon as possible and no later than 13 months after the debit date. After this time we will not be able to issue a refund.
You may have to pay up to £35 if:
- Your card is used after being lost or stolen
- You fail to keep your security details safe
You may be responsible for money taken from your account up until the point you report it to us, if you:
- Don’t keep your card or security details secure
- Don’t tell us as soon as possible that your card is lost or stolen
- Share your card, digipass or security details with a third party
- You were aware that your account had been compromised at the time that the payment was made and you failed to tell us.
You will not be responsible if you’re unable to notify us because our phone lines are unexpectedly unavailable or closed, as long as you call us when our lines open the next day.
Was this helpful?
In order to safeguard your personal information and money we require a three stage login process for internet banking, one of which involves the use of a digipass. This is similar to the card reader facility at some other banks and is used along with other systems to ensure your finances are kept safe. We constantly review our security measures and publish guidance on steps that can be taken to prevent fraud such as the Take 5 campaign through FFA UK.
Was this helpful?
We’ll investigate all fraud claims and we will let you know the next steps when you report the fraud to us, including any timescales for reimbursement. We may ask for additional information or documents to help us assess your claim, and we will ask for your consent to share information with the other banks involved.
Every claim will be assessed on a case-by-case basis. As part of the process, we will consider the evidence presented by you, any service providers involved and – where relevant – a third party, such as the police.
Was this helpful?
When you open an account with us, we need to obtain sufficient proof of your identity and address. We do this to satisfy our legal obligations and protect you, the public and Triodos Bank against fraud and misuse of the banking system. To help us verify your identity, we may use the details you provide to do electronic searches about you at credit reference agencies. They will supply us information from databases, including information from the Electoral Register and fraud prevention agencies.
Was this helpful?
Authorised push payment (APP) fraud happens when you are tricked by a criminal into sending money by bank payment to an account that they control and which you do not.
New rules effective from 07 October 2024 introduce requirements for all banks to reimburse victims of APP fraud.
Every claim will be assessed on a case-by-case basis. As part of the process, we will consider the evidence presented by you, any service providers involved and – where relevant – a third party, such as the police. For more information about what is covered for reimbursement and what is not please see ‘When is a fraudulent authorised push payment (APP) payment covered?’
We may not reimburse money lost in an APP fraud if you have not taken certain steps before and after you make the payment. These steps are known as the Consumer Standard of Caution, and are as follows:
- You need to follow any warnings from us, such as an alert that the payment you are making is fraud or could be fraud. You also need to follow any instructions from the police or the National Crime Agency.
- You must report the fraud as soon as you can, and no more than 13 months after the last fraudulent payment was made.
- We may ask you for additional information about your claim. You need to make sure you respond to these requests.
- Once you have made a claim, we may ask you to report the details of the fraud to the police.
Was this helpful?
- Every claim will be assessed on a case-by-case basis. As part of the process we will consider the evidence presented by you, any service providers involved and – where relevant – a third party, such as the police.
- If your claim is valid, in most cases you should be reimbursed within five business days of making a claim. Business days are Monday to Friday and exclude all UK bank holidays and includes additional holidays in Northern Ireland and Scotland.
- In some case it can take up to 35 days to be reimbursed. This is when we need extra time to gather information from you, the bank that received the payment, or a statutory body (such as the Financial Conduct Authority) to inform their assessment of the case.