Online Applications
Trade Finance
Personal Loan
Credit Cards
Chong Hing Securities
Form Download
Service Charges
 
i-Banking
Logon
Apply
Activate
CH Securities
Logon
Apply Now
Personal Banking
Security Tips for using Internet Banking and Mobile Banking

Security Tips for using Internet Banking and Mobile Banking

The Bank is serious about Internet Banking and Mobile Banking security and strongly recommends you to learn more about the protection and the security tips we have put in place for you and read our security tips regularly.

I. Be Vigilant of Fraudulent Websites and Emails and Mobile Application
II. What We Have Done to Protect You in Using Internet Banking Services / and Mobile Banking Services Safely
III. How to Use Internet Banking Services and / or Mobile Banking Services Safely
IV.Common Online Fraud
V. Frequently Asked Questions

I. Be Vigilant of Fraudulent Websites, Emails and Mobile Application

  • You should logon to Internet Banking or Mobile Banking by entering the bank's website address (www.chbank.com) or Mobile Application. You are reminded to be vigilant of any fraudulent website in disguise of the Bank.
    • Never logon to our Internet Banking Services/or Mobile Banking Services or provide your personal information through any hyperlinks, QR codes or attachments, which provided in emails, Internet search engines or other websites.
  • The Bank will NEVER send an email with hyperlinks to the Bank's transactional pages, and will not ask personal information from our customers such as (a) Bank account numbers, (b) Username and Password of Internet Banking accounts through email, SMS or phone.
  • Beware of any unusual login screen and process (e.g. a suspicious pop-up window which requests for providing additional personal information). If you encountered with any unusual process, we suggest you to log out from the Internet Banking immediately, and perform virus scan to your computer by the anti-virus software (with the most updated virus definition file).

II. What We Have Done to Protect You in Using Internet Banking Services and Mobile Banking Safely

  • We adopt the 256-bit Secure Socket Layer (SSL) encryption to assure the confidentiality of your personal and transaction data during transmission on the Internet.
  • Our web servers are protected by firewalls to prevent unauthorized access.
  • If you forget to logout from Internet Banking Services and/or Mobile Banking Services, your online access will be disconnected automatically after a short period of inactivity to prevent unauthorized transaction.
  • If five consecutive incorrect logon attempts were detected, your Internet Banking Services and/or Mobile Banking Services would be suspended immediately.
  • If your account is frozen due to no activity for a long period, the account will not be able to operate at Internet Banking Services and/or Mobile Banking Services.
  • SMS message issued by our Bank for Online Banking Services included “one-time password” will be sent to your registered mobile phone number only. The SMS will not be forwarded even though you have enabled "SMS Forwarding Service” provided by the Telecommunication Company.
  • III. How to Use Internet Banking Services and / or Mobile Banking Services Safely

    1. Take Precautionary Measures while You Are Using:

    Internet Banking Services

    • Ensure that you are connecting to our Internet Banking Services website https://www.ibanking.chbank.com before logging onto Internet Banking Services.
    • Do not logon to Internet Banking Services by using public computers in public areas such as cyber cafes or bars.
    • When using Wi-Fi connection, use trusted Wi-Fi networks or service providers instead of public Wi-Fi. Enable security protection such as Wi-Fi Protected Access (WPA, a security protocol to secure wireless computer networks) while logging on to Internet Banking.
    • Do not logon to Internet Banking Services through hyperlinks embedded in emails, SMS, applications, social networking sites, suspicious pop-up window or internet search engines' results.
    • Ensure other browser windows are closed before logging on to Internet Banking Services. Please logout Internet Banking Services before visiting other webpages.
    • Make sure no one can see your Customer Reference Number, Logon Name and Password when logging on to the Internet Banking Services.
    • Always check the date and time of your last Internet Banking Services logon. Contact us immediately if you are in doubt of information displayed.
    • If you log into your internet banking account and encounter any suspicious situation (e.g. computer respond is extraordinarily slow, the login procedure is awkward or requiring you to enter additional information), please stop login and inform the bank immediately.
    • Always use the "logout" button to exit and close the browser after using Internet Banking Services.
    • Do not leave your computer unattended before logout.
    • Check your bank balance and transactions regularly and notify us immediately if you detect any errors or unauthorized transactions.
    • Check the bank's SMS messages and other messages in a timely manner and verify your transaction records. Inform the Bank immediately in case of any suspicious situations. If any of your contact information has changed, please complete and return the form to any of our branches or contact our branch staff.
    • Company user is recommended to set up a dual authorization (Joint Authorities) for financial transactions on Corporate Internet Banking to enhance security and the accuracy of transaction details.

    Mobile Banking Services

    • Download Chong Hing Bank Mobile App from official application store only. Please visit Apple App Store / Google Play and search for "Chong Hing Bank" to download it for free.
    • Do not install applications with unknown sources to your mobile device. Do not use untrusted custom virtual keyboards.
    • Install and update the latest anti-virus and anti-spyware software regularly on your mobile device, whenever they are available.
    • Do not save your mobile banking account's Logon Name and Password in your mobile device.
    • Avoid sharing your mobile device with others and use your own mobile device to log on Mobile Banking Services.
    • Set a password for your mobile phone that is difficult to guess and activate the auto-lock function to prevent unauthorized access of your mobile device.
    • Use the latest versions of Operating System, Mobile Application and Browser. Don't use any jailbroken or rooted ("Cracked version")mobile device which may have security loopholes while logging on to Mobile Banking Services.
    • Use default browsers originally provided by mobile device rather than newly installed browsers downloaded from other sources.
    • Use cellular network provided by your mobile device's operator instead of public Wi-Fi when logging in for mobile banking service.
    • Disable any wireless network functions (e.g. Wi-Fi, Bluetooth, NFC) not in use. Choose encrypted networks when using Wi-Fi and remove any unnecessary Wi-Fi connection settings.
    • Regularly remove all caches and browsing history stored in your mobile device.
    • Delete sensitive or confidential SMS message if it is no longer required and clear the browsing history regularly.
    • Make sure no one else is peeking at your login name and password information when logging into your mobile banking service.
    • Always check the date and time of your last Mobile Banking Services logon. Contact us immediately if you are in doubt of information displayed.
    • After logon to Mobile Banking Services, please logout before visiting other Mobile applications.
    • Always use the "logout" button to exit and close the Chong Hing Mobile App upon finish using Mobile Banking Services. Do not leave your mobile device unattended before logout.
    • Check your bank balance and transactions regularly and notify us immediately if you detect any errors or unauthorized transactions.
    2. Safeguard Your Password, Customer Reference Number, Logon Name and Personal Information
    • Change your Password immediately when first time using your Internet Banking Services and destroy any documents containing password information.
    • Keep your Password, Customer Reference Number, Logon Name and personal information secret and in a secure place. Do not write down or record the password without disguising it.
    • Do not disclose your Customer Reference Number, Logon Name and Password or SMS-based one-time password to anyone (including bank staff and the police).
    • Do not write down or store any login information and / or SMS one-time password issued by the bank on any devices that used for accessing Internet Banking / Mobile Banking and any accompanying or nearby objects.
    • Set a password that is safe and difficult to guess. The Password should be changed regularly and should never be stored in computers, mobile phones or placed in plain sight.
    • Change your Password regularly or in case you suspect that it may have been compromised.
    • Use different passwords for different services.
    • Do not allow anyone else to operate your Internet Banking Services and / or Mobile Banking Services account.
    • When you are using someone else’s computer or mobile device to perform transactions, ensure that you have cleared the cache after logging out for assurance your Password is not copied or stored in the computer or mobile device.
    • Do not permit the mobile device which is used for two factor authentication to come into the possession or control of any other person or leave it unattended.
    • Keep updating us with your latest contact information.
    3. Secure Your Computer or Mobile device
    • Ensure you are using supported versions of Operating System, Browsers and Software by suppliers, and enable the auto-update feature to obtain and apply security patches regularly from trusted sources.
    • Install a personal firewall, anti-spyware and anti-virus software to detect any intrusions, spyware and viruses on your computer, and enable the auto-update feature to obtain the latest spyware and virus definition files.
    • Avoid downloading or installing programs or files from unreliable sources. You should also perform virus scanning before opening any files attached in emails.
    • Disable the "Auto Complete" function of your browser. This function can record the information you entered includes the password of your Online Banking Service.
    • Do not share computers. If you must share, set your own password to block access to your accounts.
    • Disconnect from the Internet or Mobile Application when you are not using it.
    • Do not download or install programs received from SMS in your mobile device.
    • You should set a password for your computer or mobile device to prevent unauthorized access when your computer or mobile device is left unattended.
    • If your mobile device receiving SMS-based one-time password is lost or stolen, please immediately inform the Bank for suspending the two-factor authentication service.

    If you suspect:
    (1) You have provided personal information or conducted transaction through a suspicious bank website or a purported bank email.
    (2) Your Password or devices for operating Internet Banking and / or Mobile Banking services have been compromised, lost, or stolen.
    (3) Account irregularities or unauthorized transactions have been conducted over your accounts.
    Please inform the Bank immediately.

    IV. Common Online Fraud

    Advanced Fee Scam

    This scam involves sending fraudulent letters and email messages scammers, which offers the recipient a generous reward if the recipient helps to handle a large lump sum of funds. These funds often claimed to be anything from corporate profits, bribes, unspent government funds or unclaimed funds belonging to a deceased person. Sometimes, scammer may even create a bogus bank website that shows a huge credit balance of a specified account, to induce the recipient that the dubious letters/ email messages are real.

    This kind of scammed transactions typically require the recipient(s) to prepay a fee to complete the deal. However, it will be turned out that such fee will be permanently untraceable. Moreover, the recipients' personal or banking information may be exposed to unauthorized parties, and be used in other types of frauds.

    Lottery Fraud

    This kind of fraud involves dubious letters and email messages sending to victims, which congratulate the recipient(s) of winning a prize in a lottery. To obtain the prize, the recipient has to provide his / her personal particulars and bank account details. The recipient may also be requested to pay a handling fee to complete the transaction. However, such fee will be permanently untraceable. Also, the recipients' personal particulars and banking information provided may be stolen by scammers and be used in other types of frauds.

    Bogus Voice Message Phone Calls

    Bogus voice message phone calls that claimed to be from banks claim that there are irregularities detected from the customer's bank account or credit card, and request customer to input sensitive personal information (including login Passwords or SMS-based one-time passwords) or contact operator for account authentication. If customer's details or banking information is disclosed, it may be used in other types of frauds.

    Online frauds are emerging to an endless stream, customers are advised to safeguard their personal and banking information at all time.

    If you suspect yourself fall victim to any online frauds, please report to the police immediately!

    V. Frequently Asked Questions

    1. How do I choose a safe password?

    Do's
    Don'ts
    • Do choose a password that is different from your Customer Reference Number, Logon Name or account numbers.
    • Do set a difficult-to-guess password.
    • Do ensure that your password is easy to remember only by yourself.
    • Do not use your date of birth, HKID card number, telephone number or any combinations of your English name as your password.
    • Do not use two or more consecutive identical characters, e.g. "88", "aa", etc.
    • Do not use sequential numbers or characters, e.g. "1234", "abcd", etc.
    • Do not share the same password you have used for accessing other web services.

     
    2. How do I delete the cache information in Internet Explorer upon finish using Internet Banking Services?
    • Click "Tools" at the top of the browser and select "Internet Options".
    • Select the "General" tab and then the "Temporary Internet files".
    • Under "Browsing history", click "Delete".
    • In the Delete Browsing History dialog box, select "Temporary Internet files", click "Delete", and then click "OK".
    3. How can I be sure that I am connecting to the Bank's Internet Banking Services website?

    You can click the yellow "Padlock" icon at the right side of the address bar to examine the digital certificate of our Internet Banking Services website. The Digital Certificate is issued by COMODO (chained to COMODO Extended Validation Secure Server CA) and the certificate was issued to www.ibanking.chbank.com.

    4. Why I need to install a firewall at personal computer?

    A firewall protects unauthorized intrusion into your computer from the Internet and thus it can strengthen the online safety.

    5. Where can I obtain additional information about using the Internet Banking and Mobile Banking safely? 6. How do I contact the Bank for any enquiries?

    Please contact our Customer Services Hotline (852) 3768 6888 or send email to customerservice@chbank.com. We will answer your enquiries as soon as possible.

Easy to apply Free of charge
Internet Banking Services is free of charge. Please visit any of our branches or through "Activation via ATM Card" for application. Apply Details
 
Customer Services Hotline:
(852) 3768 6888
Email:
Activation via ATM Card
Download Application Form