While BOB applies rigorous and tested standards to ensure the confidentiality and security of your financial transactions at BOB Express ATMs and online, it is very important that you also do your part to ensure that your information remains safe and secure. Please observe the following recommendations:
Protect your Online ID, Password and PIN
Verify the authenticity of the site and the security of the communication protocol
Logoff from BOB Online when not in use
Use updated Operating Systems and reliable Anti-Virus and Anti-Spyware Software
Use Supported Browsers
Do not use public Wi-Fi and computing services when banking online
Protect your Online ID Password and PIN
You access and use the Bank’s internet banking application BOB Online by Online ID, Password, and PIN (personal identification number). The Password and PIN is known only by its holder. After you first visit BOB Online:
Choose your initial Password. Use a password that is at least 8 characters long and is at most 50 characters long, and use a combination of lowercase letters, uppercase letters, digits and special characters from the set listed here these ! @ # $ % ^ * ? ( ) _ + = - } { [ ] | \
DO NOT use easy-to-guess combinations such as your birth dates, address or telephone numbers
DO NOT use your BOB Online password for any other security login or for other non-related websites that you access.
Do not disclose your Password or PIN to anyone, this includes your colleagues, relatives or friends. Treat your Password and PIN as personal and confidential.
Change your PIN. You have to create new PIN 4 number long.
Do not disclose your PIN to anyone. Treat your PIN as personal and confidential.
Commit your PIN and passwords to memory. DO NOT write down nor store your Online ID, Password, PIN on paper or on another permanent electronic or other media.
Use BOB Online in the protected/ "private" browsing regime.
DO NOT use the options for remembering Online ID / Password in the browser, even on your personal computer / mobile device.
At least once every 2 months change your Password and PIN for BOB Online using the “Settings” menu option.
Lost or stolen ATM Easy Banking cards should be reported to the bank at once.
If you your data (incl. Online ID, Password, PIN) has been compromised or has been attempted to be compromised, immediately change your Password and PIN using the “Settings” menu option and inform the bank.
If you must contact the bank’s Customer Care Centre for assistance with resetting your secret credentials, the BOB representative will use BOB Express Online to send you an email from bob.expressonline, i.e. bob.expressonline@bankbhamas.com. Treat any other email for this service that is not from this address as suspicious, and contact and inform the bank.
Verify the authenticity of the site and the security of the communication protocol
Enter your Online ID and password on the internet site only with the URL provided by the bank. If you receive a message, or if you are notified by any other way of a sudden change in the procedure for entering your login credentials and identification, please, do not take any action and notify immediately the bank.
When accessing BOB Online, please verify the validity of the webpage – there is a green address bar and padlock sign in the browser, together with GlobalSign SSL verification.
The URL address provided uses a secure Extended Validation SSL* security certificate for use with the new high security browsers and asserts the highest level of authenticity
*SSL, Security Socket Layer is one of the most widely deployed security protocol used today. It is essentially a protocol that provides a secure channel between two machines operating over the Internet or an internal network.
The HTTPS tells the browser that the connection between the BOB Online server and your internet browser must be secured using SSL The Address bar turns from white to green, indicating that the web site is using Extended Validation SSL
The padlock is activated, showing that the browser connection to the BOB Online server is now secure. If there is no padlock or the padlock shows a broken symbol, the page does not use SSL.
The bank’s name is displayed on the address bar
* SSL References from Globalsign.
Be aware that with this secure bank URL, all information exchanged with the bank is encrypted and is transferred by using the SSL protocol, and each web page of BOB Online
Online is accessible only via the weblink provided by the bank.
DO NOT use dubious links from other websites, emails from unknown senders, etc. to access BOB Online.
The BOB Online site is identified (presented) to the customers by a server certificate issued by Thawte SGC CA (thawte.com). When you load the ebanking page, an icon of a lock appears near the address field or in the lower corner of the browser depending on the type and version of the browser used. By clicking on the lock icon you will get more information about the server certificate of the page, which must be issued to Bank of The Bahamas, Ltd. See examples in table below for your reference:
Logoff from BOB Online when not in use
When you finish your session on BOB Online, use the “Logoff” menu option to terminate your session. We advise you not to leave your computer without supervision while in active session on BOB Online.
If you plan to leave your computer or mobile device unattended, please, click the “Logoff” menu option to terminate the open session with the bank.
To protect your online banking service from unauthorised access, your unattended session will terminate after 10 minutes.
Use updated Operating Systems and reliable Anti-Virus and Anti-Spyware Software
Use updated operating systems and software and use reliable antivirus software for your computer or mobile device used to access BOB Online.
Regularly update the software on your computer. This way you can be sure that your operating system, antivirus and other scans are working optimally to protect you.
Install and use anti-spyware software, anti-spam software for your email and computer. Spyware is a computer program that monitors user activity, recording input user data and sending it to malicious persons. Spyware can be installed on your computer by malicious software, website and email. There are bundled solutions of antivirus/antispyware /firewall. It's recommended to get specialized support for the solution used.
Keep your personal or corporate firewalls updated. This security software prevents unwanted incoming and outgoing connections with your personal computer/computer network, especially when connected with Internet.
Monitor the warning messages for viruses and especially Trojans. They can be used for identity and personal data theft. Usually viruses and Trojans are installed automatically when you click on links or open applications in your email or download software of entrusted sources.
Do not use beta versions of operating systems and software.
Use Supported Browsers
For maximum security use the following browsers:
Desktop/Laptop: Internet Explorer version 9.0 or later or Mozilla Firefox version 45 or later, or Google Chrome 48 or later.
Mobile devices: Specifics will be provided when the mobile banking platform is released.
Use BOB Online in the protected/ "private" browsing regime.
Do not use public Wi-Fi and computing services when banking online
Avoid using BOB Online from public computers and public hotspots with internet access (such as internet clubs, cafes, libraries, etc.). Use your own secure wireless data connection.
Avoid using BOB Online from computers where you are unable to trust what software is installed.
Consider protecting access to your computer with a password, especially if is accessible to other members of your family or roommates.