Operational & Security Guidelines About Oriental Bank’s Net Banking
As security is of paramount concern for using Internet Banking Services, you must take care and follow the security tips as under:
- The portal is compatible of browsers as Internet Explorer (IE) version 9.0 & above, Mozilla Firefox, Google Chrome and Safari etc.
- Customer can get the information about browser version from the browser e.g. in Microsoft Internet explorer, in dropdown menu "Help", "About Internet Explorer", it gives information about Browser version as well as Cipher strength (128 bit).
- Beware of fraudulent websites which look similar to the OBC Net Banking. Ensure that you are on the Oriental Bank's Internet Banking site before disclosing any confidential information (Net Banking password, Transaction password etc.) by checking the URL of the webpage.
- Beware of scam e-mails which may contain a virus or be linked to a fraudulent website in order to elicit your confidential information.
- Install good anti-virus software, configure it properly & update it regularly.
- Always check the "padlock symbol" on the bottom right hand corner of webpage to ensure that you are connected to a secure session with Oriental Bank of Commerce. This is the VeriSign security symbol and confirms that the site you are interacting with is secured.
Safeguard your Password
- Upon receipt of Oriental Bank's Banking password mailer from the Bank, the customer should change the password assigned by the Bank.
- The new password should be of minimum 6 characters and preferably be a combination of Alpha, Numeric and Special characters.
- Customers should regularly change their both Signon & Transaction passwords.
- Customers should be advised to maintain strict secrecy of the passwords.
- The password should be memorized.
- While selecting the password, the customers should avoid numbers and letters that could be easily associated with them. Contact numbers, name, initials and birth date should be avoided as passwords.
- In case of doubt about compromising of the password, the customer should immediately change the password.
Log-in / Log-out
- The customers should Log on regularly to Net Banking web site: https://www.obconline.co.in to verify their Net Banking accounts to check unauthorized use of the facility.
- The customer should always log out/sign off from Oriental Bank's Net Banking web site, whenever he has finished using the service or whenever he is away from his PC.
- The customer should always remember to close the browser application after logout by clicking on Cross button.
- To ensure confidentiality of his information, he should always click on exit button.
Clear Cache browser/ Delete Temporary Internet Files - The customer should be advised to follow
The following instructions:
For Microsoft Internet Explorer 9 & above, select Tools> Internet Options. Choose the "General" tab and click "Delete Files" on the "Temporary Internet Files" section
Other Security measures to be followed by the customer
At the Browser level:
Disable profile assistant in browser
Disable stored / per-session cookies in the browser
At the O/S level:
Disabling user-id & p/w storage assistance in Windows.
- The user-id & both passwords (Signon/ Txn) should not be disclosed to anyone including Bank staff.
- Avoid accessing Oriental Bank's Net Banking web site from PCs installed in Public / open areas like cyber-cafes or libraries, which may have Software (or viruses) for capturing keystrokes / sensitive information in memory, swap files.
- Do not disclose Personal Information like passwords, PIN, credit/ debit card numbers not to be provided to any entity in response to e-mail request.
- Do not transact any Financial Transaction sitting in front/ along with any person for Protection of Transaction password.
- Net Banking services shall be disabled, if not used by the customer for more than 6 months from the date of his/ her login password expiry date. Although User ID can be reactivated by resetting their password using “Forgot Password” option which resets your User ID as well as password.
- In case of normal user password expiry i.e. password was set before 180 days, net banking user is force prompted for password change wherein the user is allowed to login to the platform and password reset page is shown.
Security Measures in "Oriental Bank's Net Banking Services"
Bank realizes that product and service design requires a strong commitment to the proper management of the risks associated with electronic commerce.
Your system Requirements
To use online banking, applications, or other secure forms on our site, you will need Microsoft Internet Explorer 9.0 or higher, Mozilla Firefox, Chrome, Safari etc. You may use / get information about browser version from the browser e.g. In Microsoft Internet explorer, in dropdown menu "Help", "About Internet Explorer" gives information about Browser version as well as Cipher strength.
No one can access your Oriental Bank's Net Banking account(s) without your User-id and Password. The bank generates your User-id at the time of account setup and communicates this information to you.You may change your Password as often as you like after successfully logging in to our online banking system. If you enter your Password incorrectly FIVE times, our system will lock out access. Only authorized bank personnel can unlock the account based on positive identification, when you make such a request. This policy is intended to protect you from hackers or other unauthorized individuals attempting to access your account(s) at OBC Internet Banking. Further, through 'Personal Profile' option, user can change the signon/transaction password. In case, password has been forgotten by the user, it can be revived through “Online password reset' from the "forget password ?" option on the home page.
You may change your Password as often as you like after successfully logging in to our online banking system. This option is located in the Content web page. If you enter your Password incorrectly FIVE times, our system will lock out access. To unlock the same, one has to either use forget password option or visit their Parent Branch (Branch in which A/c is maintained).. This policy is intended to protect you from hackers or other unauthorized individuals attempting to access your account(s) at OBC Internet Banking
Secure Environment Banks computer system does not connect directly to the Internet. Any and all requests for data must pass through two distinct validation and control centers also known as Firewalls. Secure Socket Layering (SSL) protects all data transmissions between your PC and banks' computer system. SSL utilizes authentication and encryption technology developed by RSA Data Security, Inc. This method of cryptography means that your private information cannot be deciphered by unauthorized individuals.
In addition, the Oriental Bank's Net Banking system has been subjected to stringent security reviews and penetration tests by an independent firm.
VeriSign Global Secure Site IDs used by the bank enable secure online communications through Secure Sockets Layer (SSL) technology. Global Secure Site IDs enables the negotiation of SSL sessions using strong 128-bit RC2 or RC4 encryption.
New Security Layer
To safeguard our customers against fraudulent practices our Bank has always adopted a proactive approach towards implementation of latest cyber security practices, our Bank has introduced an added layer of authentication in Mobile Banking app and Retail Internet Banking application.
Under the new security layer, customer shall mandatorily be required to register one time for security questions that shall form the basis of additional authentication.
In the first phase, whenever the customer login for the first time from either of his Internet or Mobile Banking channels, they shall be mandatorily asked to register for these security questions. During registration, the customer will be prompted with three sets of security questions where each set would contain 10 questions, customers have to select one question from each set and provide the answers for the same. The registration process is a one-time process that is common for both digital channels, that means a customer registered on Mobile Banking will be considered registered for both Net Banking & Mobile Banking and also vice versa. The security questions shall also be same for both the platforms.