Internet banking security
Our Internet Services comply with specific technical standards to provide advanced levels of security
Data transmission on our site is protected by Secure Socket Layer Encryption to 128 bit (AES 256-bit compatible), which currently represents the best standard for encrypting information transmitted on Internet. The protection is activated automatically as the most popular versions of browsers automatically support this method of communication. Display of a closed yellow padlock at the bottom of your browser window ensures that this protection mechanism is active. When this symbol is present, information in transit cannot be viewed by others. You should verify the authenticity of the internet banking website checking by double click on padlock, if SSL certificate contains reference to Intesa Sanpaolo and to internet banking website. You should also verify that this SSL certificate is valid.
Strong authentication devices
To increase the security level, Intesa Sanpaolo has decided to adopt strong authentication devices (OTP devices for the generation of temporary passwords and USB key devices with digital certificates) that customers have to use both to access Inbiz services and to confirm operational transactions.
Temporary Passwords (OTP)
Access to the system is performed using a combined system, based on static credentials (the Holder Code, communicated by the Bank, and the PIN Code, that is the security code that was sent to you via e-mail) with a dynamic password, which can be used only once (OTP Code). Using the OTP device, delivered to you at the branch or from your business manager, you can generate temporary passwords to access online services and to confirm the operational transaction: maximum security on all online transactions. In order to guarantee security level, you should not reveal the temporany password to anyone.
Digital signatures allow users to be identified with certainty and ensure the integrity of data transmitted, digitally signed in compliance with Italian law (DigitPA), guaranteeing that the communication cannot be rejected.
Intesa Sanpaolo issues digital certificates as a Certification Authority accredited by the National Centre for Information Technology in the Public Administration (DigitPA) and within the international IdenTrust system. More information about this can be found at https://ca.intesasanpaolo.com
Intesa Sanpaolo offers its customers two different types of digital signature, both based on current laws in force and the related associated technical rules.
For “local” digital signatures, the user receives a physical signature device (USB token) and access to the system occurs by entering two static credentials (User Code and a PIN Code associated with the digital certificate installed on the signature device).
Customers should remember to remove the physical signature device from their personal computers after use.
For “remote” digital signatures, static credentials (User Code, given to the user by the Bank, and a PIN Code, the security code sent by e-mail) combined with a dynamic password, which can be used only once (OTP Code) are used to access the system.
The “remote” digital signature is used by entering the PIN Code and dynamic password which can be used only once (OTP Code).
End of work session
To better ensure your security, after having logged in and spent a maximum time without using online features, the system will interrupt your work session. In order to continue to work, you then need to log in again. This arrangement serves to prevent other people from operating on the system during your absence.
Data Protection on internal systems
Intesa Sanpaolo adopts the best systems of protection from and prevention of attacks on their information systems, with complete protection of customer data contained therein. With a constant and continuous updating and improvement of our systems we can guarantee the highest security standards.
Support for security issues
You will find a section within the reserved area, dedicated to security, providing information about the use of your personal codes, the possibility to change them at your leisure, information on the use of security devices and how to unlock/lock your access codes.
We strongly advice to refer to the security advice provided on these pages from time to time.