Security of online business | OTP banka

We are aware of the importance of security, so in electronic banking we use state-of-the-art forms of secure online operations.

Cookie Control
Pursuant to the Electronic Communications Act (ZEKom-2) user consent is required for certain cookies to be used. You may reject cookies at any time. In this case, you will still be able to visit our website, but the website may not function as intended.
 
Do you agree to using the following cookies?
Session cookies
Cookies to store your preferred choices and settings
Agree
Don't agree
Google Analytics cookies for analytical purposes
Agree
Don't agree
Third-party cookies (Facebook, Twitter, LinkedIn, Ad Words, Hotjar)
Agree
Don't agree
Start typing what you're looking for

SAFE ONLINE BANKING

We are aware of the importance of security and therefore use the latest online banking technologies to make sure you are safe online.
 

OTP Banka

How to make sure you are logging into our Bank@Net online banking site?

The identity OTP banka's online banking site is ensured by a verified digital certificate. You can check the identity of the certificate:

1. By checking the settings in your browser, or

2. By clicking the padlock icon located in the search bar of the browser.



 

 

OTP Banka

What is strong user authentication?

Strong user authentication is a procedure that uses two or more elements described below:

  1. Something only the user knows, for example, a password, or personal identification number;
  2. Something only the user owns, for example, a payment card, mobile phone;
  3. Something the user is, for example, biometric characteristics such as a fingerprint.

The selected authentication elements need to be mutually independent, meaning that if one is breached, the other is not affected.

 
Basic rules for safe online banking:

General rules:

  • Turn off or lock the computer you use for online banking when you are not using it (when you're out of the office or on vacation).
  • Do not open emails or email attachments sent by unknown senders. We advise you to be cautious when opening emails and attachments received from known senders, as viruses commonly spread that way as well.
  • Do not install any software from unknown sources on your computer.
  • Never visit any websites by clicking a link in the email; always type the website URL into the search bar in your browser.
  • Choose passwords that are difficult to guess, and never share your password with anyone. Keep your passwords at a safe location or remember them, and make sure to change them regularly.
  • Make sure that the latest security patches, firewalls and anti-virus software are installed on your computer and run regular anti-virus scans.
  • Use the latest version of your preferred web browser and operating system and update both regularly.

Rules for online banking

  • If you don't know the person who introduces himself/herself as the bank's employee or contact center employee, or if his/her identity is not made known otherwise, make sure to ask about his/her identity.
  • Bank will never request to allow remote access to your computer.
  • Never send any sensitive or personal data (username, password, etc.) by email.
  • Regularly check your account balance and turnover.
  • Remember your username and password and do not write them down.
  • If you receive an email from bank requesting sensitive or personal data, call our contact center.
Bank will never:
 
Bank will never use email to send sensitive or personal data, notify you about software upgrades or send password change requests.

The Bank notifies online banking users only by sending direct messages to the online bank Inbox.

We advise all online banking users to use and store their authentication elements with utmost care.


If your one-time password generator is lost or stolen, or if you change your mobile phone, please contact our contact center at  080 17 70 or +386 2 229 2760.
What is phishing and what you should never do
How to prevent phishing?

Phishing is a form of fraud in which attackers steal data and use it to access online services in your name and, in certain cases, even to steal your money. The most common scenario is when you receive an email from an attacker to visit a fake bank or online banking website, often under a false pretense of having to check your data. The email will request a login and 'verification of your data'. After you enter your data into this fake, phishing website, they are sent to the attacker.

How to avoid fraud?

Never reply to emails requesting to provide sensitive or personal data. Never click on links to these types of websites. Bank will never use email to send sensitive or personal data, notify you about software upgrades or send password change requests.

When visiting websites that have anything to do with money or finance, always type the URL directly into the search bar.

Never send sensitive or personal data by email, as this type of communication is never completely secure.

Regularly check your account balance and turnover, and check the transactions made with your payment cards.

Always install the latest updates (windows update) and keep your anti-virus software up to date.


If you suspect any fraud, please contact our contact center ( 080 17 70 or  +386 2 229 2760) which is available Monday through Friday from 7.00 until 19.00.

OTP Banka

How does the Bank make sure you are who you say you are?
 

We identify online banking users with strong authentication with SMS tokens:

 
OTP Banka



If you lose your authentication element (mobile phone), please call our contact centre at 080 27 67 or  +386 2 229 2760.
 

OTP Banka

SMS token authentication
 

An SMS token (one-time password) is a technological solution used to create a one-time password that is sent to the user's verified mobile phone number. The solution is also known as Two Factor Authentication.

Procedure:

  1. The user enters his/her username and password he/she had selected himself/herself.
  2. Bank's backend system checks whether the username and the password match.
  3. If the username and password match, the user receives an SMS containing the one-time password (SMS token).
  4. The one-time password is a randomly generated sequence of numbers created by the Bank's security system using a mathematical algorithm. The SMS token is valid only for a few minutes or until first used.

The elements selected must be mutually independent, which means that the violation of one does not affect the remaining elements.

 

OTP Banka
 IMPORTANT

 
If you suspect your online banking profile has been abused in any way, please: contact our contact center which is are available Monday through Friday from 7.00 until 19.00 at:

telephone number: 

 080 17 70 or  +386 2 229 2760.



 
 
 
 

HOW CAN YOU BE SURE YOUR CONNECTION IS SECURE?

OTP Banka

The URL starts with https://bankanet.otpbanka.si.

The SSL Certificate Green Bar also shows that your connection is secure.

You can check whether your browser (Chrome, Edge) is running in secure mode by looking at the upper left corner - you should see a closed padlock or key icon.

 
OTP Banka

If the URL shown in the bar differs in any way, do not login, as the website is probably fake. If you suspect any abuse, please contact our contact center.
 

OTP Banka

Aside from online banking authentication, this means that the encryption system that is used to protect the confidentiality of data transferred online between the user and the online banking server is functioning properly.

This means that any data transferred from you to the Bank’s server and vice-versa is encrypted and protected from any unauthorised access on the internet. If the locked padlock icon is not shown, it may be a sign of attempted fraud.

 
 
OTP Banka OTP Banka OTP Banka
 
OTP Banka OTP BankaOTP BankaOTP Banka