Online Security
SNB is very particular about the security of our customer's personal and financial information and hence we abide by the most stringent safety measures when it comes to Internet Banking.
How we protect you online?
Our security technologies and processes are continuously evaluated to ensure that they are maintained to the highest possible standards. We employ a diverse range of security technologies to ensure the safety, confidentiality and integrity of your information and transactions.
Block login
Unauthorized login attempts will disable an account after a pre-defined number of consecutive failed attempts.
Encryption
Every time you access online banking, all account information transmitted during the session is encrypted which makes it nearly impossible for intruders to decipher it. SNB uses SSL 128-bit encryption to protect the information that you send or receive from our secure site. This provides for confidentiality of sensitive data and integrity of the transactions performed.
Individualized password
When you sign up for online access, we ask you to create your own username and password to access your accounts. The password is governed by strict password rules, making it difficult for intruders to guess it.
Timed log-off
Our Online Banking system will automatically log you out after 15 minutes of inactivity. Time based session expiry is enforced to mitigate unauthorized access to your account. However, you are advised to sign out every time you complete your SNB Online session.
Firewall
SNB's systems are protected 24 hours a day by multiple layers of firewalls that block unauthorized entry.
Digital Certificates
Digital Certificates provide the user with (Certification Authority) evidence of the server's authenticity. This safeguards users from trusting unauthorized sites and allows the session to be encrypted. Users of SNB Online will see a "closed lock" icon on the status bar of the SNB Online screen. Clicking on this icon, will allow the user to see the certificate authenticating the site.
Pre-defined Beneficiaries
Defining and subsequent activation of beneficiaries is mandatory for all financial transactions. Activation of a beneficiary requires 2nd factor authentication and an out of band authentication using 2 way SMS. Moreover, transaction limits are imposed to minimize channel exposure.
UAE Bank Federation - Fight against Fraud
Security Tips
SNB is well aware of the fraudulent banking practices prevalent around the world these days. And hence we strongly recommend some simple security tips to ensure safe and secure banking sessions.
Avoid using Public or Shared Computers:
Avoid accessing your Internet Banking account from a cyber cafe or a shared computer. However, if you happen to do so, please change your passwords from your own computer as soon as you can.
Bank Safely Online:
- Always type the SNB website URL uae.alahli.com directly into your browser address bar before you login to ensure that you are on the correct SNB website. Never click a link that offers to take you to our website. This will reduce the chances of you becoming a victim of phishing attacks.
- Use a web browser that has good security controls such as pop-up blocker, checks on malicious sites etc.
- See to it that the bank's website address changes from http:// to https:// and a security icon that looks like a lock appear in the status bar of the browser or at the end of the URL in some browsers.
- Click on the lock icon to verify if the certificate is issued to uae.alahli.com
- Double click on the Lock Icon highlighted in the figure A. it will open a window with certificate information as shown in figure B. Make sure that certificate details show that the certificate is issued to www.alahli.com
- Every time you complete your online banking session, log off from the website. Do not just close your browser.
- Update the bank when you change your contact details. This will enable us to contact you immediately in case we detect unusual transactions.
- Make sure you regularly receive and review your mobile alerts to be instantly aware of the transactions happening in your account.
- Check your account statement on a regular basis either using ATM or Internet Banking.
Protect your Password
- Choose strong passwords with a minimum of 8 characters using a combination of alphabets and numbers Avoid easy to guess passwords such as spouse/children name, date of birth, pet name, city name, car number etc.
- Memorize your password and do not write it down in your mobile or email. Use a different password for online banking and for logging into other non-banking websites.
- Ensure that no one is watching you while you type your password / PIN or any other sensitive information. Do not share your Password / PIN or make it accessible to others.
- You should NOT reveal your password / PIN to anyone even if they purport to be a staff member of SNB.
- If you are a corporate customer do not allow anyone to keep, use or temper with your safe word password generating token. Do not divulge the serial number of you security token to anyone.
Protecting your Computer
- Ensure that your computer has the latest anti-virus software and is updated regularly. Make sure your computer's Operating System and browser software are updated with the latest security patches.
- Install a personal firewall to prevent unauthorized access to your home computer, particularly when they are linked via broadband connections, (DSL) digital subscriber lines or cable modems. Update the personal firewall with security patches or newer versions on a regular basis.
- Do not select the option auto-save on browsers for storing or retaining user name and password when logging into online banking.
- Clear your browser's cache and history after each session so that your account information is removed, especially if you are using a shared or public computer from internet cafes.
- If you are using a Windows OS, ensure any unwanted 'file & print' sharing is disabled. Keep regular backups of critical data.
- Consider the use of encryption technology to protect highly sensitive data.
Wireless Networks
- Set a password for your wireless point and prevent unauthorized users from accessing and using your wireless connection.
- Disable broadcasting to your network name (SSID-Service Set Identifier) to prevent casual surfers from detecting and connecting to your wireless network.
- Enable encryption on data transmission to protect your wireless network. Allow only registered machines for your wireless network.
Beware of Spyware
- Spyware is a piece of software inserted in your computer that collects information about you and your internet browsing pattern. It is stored in your PC (with or without your consent) when you download software, games, screensavers, etc., from the Web. It usually claims to be able to improve your computer's performance.
- Spyware can be used maliciously to gain access to your passwords, PINs, card numbers and Internet browsing history. They can also be used to scan files on your hard drive and slow down your computer by consuming system resources leading to system instability or a crash.
- Do not log- in to SNB Online while such software is installed on your computer. If you have installed any software that claims to speed up your internet connection, or have additional third-party toolbars on your browsers, then you may be using software that has the ability to track your internet sessions. We recommend that you uninstall such software.
Beware of Phishing
Online phishing pronounced as "fishing" is a method of identity theft that tricks you to reveal personal or financial information online. Phishers use phony websites or deceptive email messages that mimic trusted businesses and brands in order to steal personally identifiable information such as usernames, passwords, credit card numbers, and billing information.
UAE Bank Federation - Fight against Fraud
What is Phishing?
Online phishing is a method of identity theft meant to trick an unsuspecting user to reveal personal or financial information online. Phishers pretend to be trusted businesses in order to steal usernames, passwords, credit card numbers, billing information etc.
How would I identify Phishing emails?
A. Phishing scam will ask you for personal information. Any email that you get from a reputable institution - SNB, eBay, Amazon, etc. - will NEVER EVER ask you for your password or your other personal information.
The message appears to be coming from SNB or another website that asks you to take action of some sort (e.g., update account information). It is the type of information that's being requested that should serve as a warning to you. Do not respond to the following:
Do not respond to the following:
- Urgent requests for personal financial information
- Alarmist statements that tell you to act immediately
- Requests for "restricted" information, including usernames, passwords and account numbers
- Messages with an unusual 'From' address or an unusual 'Reply-To' address
Sample Bogus sites
Note that the screenshot above appears to be legitimate at first sight, but it is not. The browser address bar shows a URL other than that of SNB.
SNB will never ask you for your username, password, or similar restricted data, through email, phone, text or any other means.
What if I receive a phishing email?
In case you receive a phishing email from someone posing as SNB:
- Do not respond to the email
- Forward that email immediately to uaeservice@alahli.com
- Delete the email without clicking on any link in the email
- Ignore any phone number mentioned in the email
If I come across a website I think is phishing, how do I report it?
Report a phishing Web site by calling SNB Phone Banking or by sending website URL to uaeservice@alahli.com and we'll investigate.
What should I do if I think I've entered my personal or financial information into a phishing website or I've been a victim of phishing?
Please do the following immediately:
- Contact SNB Phone Banking and tell them about the email and what sort of information you have entered
- Follow the instructions from the SNB Phone Banking staff
- Change the passwords or PINs on all your online accounts immediately
How did the phishers get my email address?
Phishers do not target individuals, but send out thousands of scam emails to randomly generated email addresses in the hope that some will be successful. They also search the web for valid addresses they can use and exchange this information with each other. If you have ever posted on an internet forum or published something on the web, there's a good chance your address will be targeted by the phishers. If you have fallen victim before, your address is normally added to a list of 'easy victims' and you are likely to then receive even more scams.
"Forwarded" emails are also good source of email addresses. Spammers start mail chains in the hope of getting a list of live email addresses. Refrain from forwarding emails or if it is absolutely necessary, then remove all unnecessary email addresses from the email before sending it.
What can I do to help protect myself from online phishing?
- Be very careful with your personal information. SNB will never ask you to reveal your personal information such as passwords and account numbers through email
- Be cautious about providing sensitive data in an email message, instant message, or pop-up window
- Be wary of clicking links in email messages and instant messages
- If you are going to visit any site where you intend to enter your account details or similar information, you should only go there by typing the site's address directly into the browser address bar and not by clicking a link in an email. This is the only way to be sure you are visiting the real site and not a fake one.
- Never give out your personal details
Is it safe to enter my user-ID/password anywhere on the Bank's official site?
Please do not enter any confidential information (user-ID/password) on any online resource except the designated pages for entering your username and password, even on the official SNB site.
What is the official website of the Bank?
The official website of the Bank is provided in your account statements and other official communication from SNB. Please do not enter any account-related information, PIN or any other personal information on any site other than the Bank's official site. If in doubt about a site, please contact SNBPhone or your relationship manager to verify.
How do I ensure that the site I am visiting belongs to SNB?
Please do not trust any site even if it bears the SNB logo or looks and feels like the bank's website. You should only trust a site if you have entered the site address (provided by SNB through an official communication, e.g., a letter or your account statement) yourself in the address bar of your browser. If you have come to the site by clicking a link, please ensure that the site address (in the address bar of the browser) is the one provided by SNB through official communication.
Does SNB ask users to supply their ID and password via email?
No. Under no circumstances SNB will ever request you to provide or confirm your ID and password via email. You should never divulge your SNB password to anyone in any case.