Do not use your passport number, national insurance number, telephone number, date of birth, driving licence number, or any simple number sequence (such as 123456) as your Passcode. Avoid using the same numeric character more than once (such as 111111).
Do not disclose your mobile Passcode to anyone. The Bank will never ask you for your Passcode.
Do not send your Passcode via email / SMS or use it as password for accessing other services.
Memorise your Passcode. Do not write it down or store your Passcode and other sensitive information on your phone in a way that can be understood by someone else.
For security reasons, change your Passcode regularly.
Change options on your browser to avoid storing your Passcode on your mobile device.
Change your Passcode immediately if you suspect someone knows it or if you suspect that you have been deceived by a fraudulent website, email, or SMS message to disclose your Passcode.
Maintain adequate security on all devices accessing UK Cyberbanking.
Get our app only from the Apple Store or Google Play Store and ensure that you download the latest version.
Install/update mobile security software if available.
Do not "root" or "jailbreak" your mobile device.
Do not update your mobile operating system via or download mobile apps from untrustworthy sources. You are recommended to set your device to block installation of apps from unknown sources and keep it properly configured.
Carefully read installation and/or permission requests from websites, apps and other software and programs. Be wary of any unusual or unnecessary request.
Do not follow links sent in suspicious emails and SMS messages. Take precautions against hackers, viruses, spyware, and any other malicious software when reading emails, opening attachments, visiting unfamiliar websites, and downloading mobile apps and programs from websites.
Do not browse suspicious websites or click on the hyperlinks and attachments in suspicious emails or messages received through WhatsApp, Line, WeChat, and other e-Communities. Contact the Bank for confirmation immediately whenever a website, SMS, email or other correspondence claiming to originate from the Bank looks suspicious to you.
Disable your mobile device's "AutoFill" or similar option and avoid storing your Username and Passcode on your mobile device.
Disable any wireless network functions that are not in use, such as Wi-Fi, Bluetooth, near-field communication (NFC) or payment apps.
Do not share your mobile device with others or use other people's devices to log in to Cyberbanking. Always lock your mobile device with password protection when not in use, and activate the auto-lock function.
If your device is capable of biometric authentication (e.g. fingerprint or facial recognition), do not let any other person register his/her biometrics on it.
Do not disable any feature that can strengthen the security of biometric authentication, such as "attention awareness" for facial recognition (e.g. ensure that the "Require Attention for Face ID" setting is enabled).
You should access Cyberbanking from your own mobile device only. Do not use shared mobile devices to access Cyberbanking.
Never Share the One-Time-Password ("OTP") with anyone. The OTP we send you should not be given to anyone (even to the police or us), either verbally or in writing. It should only be entered when using our Cyberbanking.
Make sure that all other browsers are closed before logging in to Cyberbanking.
Only access Cyberbanking through our website www.hkbea.co.uk or our mobile app.
Be alert to your surroundings when performing any online banking transactions and make sure that no one sees you enter your Passcode.
Every time you log in to Cyberbanking, please check to ensure that your Personal Greeting and your last login details are correct.
Do not click on URLs or hyperlinks embedded in any email, SMS, instant message, QR code, search engine, or any untrusted source to log in to Cyberbanking. The Bank will not send emails to the customers with embedded hyperlinks / QR codes to access Cyberbanking.
Always log out and then close the app after each banking session.
Do not leave your mobile device unattended while using Cyberbanking.
Avoid joining untrusted Wi-Fi networks and using public Wi-Fi hotspots to access Cyberbanking.
Do not activate any SMS forwarding function which is supported by your mobile network provider.
Regularly review and follow the security tips issued by the Bank.
Check your account activity regularly and inform the Bank immediately if you discover any errors or suspicious/unusual transactions.
Inform the bank immediately whenever you change your mobile phone number or if your phone is lost or stolen to prevent anyone else from accessing the OTP.
Contact the bank immediately, if you ever receive an OTP which you are not expecting.
Keep your bank statements, cheque books, and other important documents in a safe place. If you want to discard any documents that contain your personal information, destroy them first.
Under no circumstances shall the Bank, by way of email /SMS, instant message, phone call or any other method, ask for your personal information, such as your PIN, OTP, or Username and Passcode, data of birth etc. In addition, we will not ask you to access the Bank's website by clicking hyperlinks contained in any email/SMS.
Do not send account information via email, SMS or social networks.