How we protect you from fraud and scams

Strong customer authentication (SCA)

SCA provides extra layers of security when you buy things online or make transactions through your Online Banking. 

When a payment requires SCA we use two types of authentication out of three possible options, also known as two-factor authentication. These are:

• something you know (e.g. security number)
• something you have (e.g. card or phone)
• something you are (e.g. fingerprint or face recognition).

How we’ll ask to make these checks

If your payment requires SCA then in some circumstances we may perform checks using information we have available, or we may send a One Time Passcode (OTP) to your registered mobile phone number to verify your online card payment.

Please make sure that your mobile number is up to date and that you have your mobile phone to hand when making payments online. If you need to update your mobile number, you can call us on 0800 085 0937 to do this.

Card not working or payment declined?

There may be other reasons why your card isn't working online. Please contact us if you need any support.

One Time Passcodes (OTP)

We use OTPs to authorise certain transactions. Your OTP acts as a secure key to your account, helping to stop anyone but you authorising transactions on your account.

When we need you to authenticate a transaction, we’ll send an OTP to the mobile phone number you’ve registered with us. Each OTP is unique to the transaction you've made. You’ll enter it on screen as part of an online card purchase, or, for example, when you’re registering for our Mobile Banking app, so that we know it’s you.

Please always review the full OTP message, checking it accurately describes your transaction. Never share your OTP with another person, not even a Santander employee. It’s fraud if anyone asks you to tell them your OTP.

OTPs usually reach your phone within seconds (or a little longer if your network coverage is weak). You can still get OTPs abroad if your mobile allows global roaming. Please check with your network provider to confirm availability and charges. You're not charged for receiving an OTP.

Update your registered OTP number to your new number

You can call us on 0800 085 0937 to update your mobile number. As OTPs are individual to each user, the person whose contact details have changed will need to contact us themselves.

What to do if you receive an unexpected OTP

If you get a One Time Passcode when you’re not making a transaction, it’s likely to be fraud. Call us straight away on 0800 085 0937 and don’t share the code with anyone, either on the phone, in person, or online.

If someone phones and tells you to expect an OTP and to read it to them, it will be fraud. Never share your OTP with another person, not even a Santander employee.

Here are some examples criminals may use to try and persuade you to give them your OTP:

• they need to refund your account
• they need to secure your account
• they need to stop a payment.

Two-factor authentication (2FA)

2FA is a security process. It adds an extra layer of protection to your online accounts and digital transactions. It enhances the security of your accounts by asking for 2 distinct forms of verification before giving you access. The purpose of 2FA is to prevent unauthorised access, even if someone gets your credentials. In Santander Connect we offer 2 options for 2FA:

1. The Santander Connect mobile app that allows you to safely log on to Santander Connect and authorise transactions made in Santander Connect online banking. The app will be secured with a PIN to make sure only you can use the app. Remember to never share your pin or let anyone else use the app. The app can also be set up with biometrics if available, on your mobile phone.
2. We provide a security device, which is a small, portable electronic security device. It creates a unique code that can be used to authenticate transactions within Santander Connect. The device will be secured with a PIN to make sure no one else can use it except you. Always remember to never let anyone else know your PIN, or use this device.

Online controls and functions

There are a variety of controls within Santander Connect. These include user management and payment controls. They make it simple for you to set who can make payments from your account, and set limits on the amounts they can authorise. They add more flexibility in maintaining your security. But don't compromise your online banking experience.

We monitor your account

We do this using modern detection systems. If something doesn't look right, we'll contact you. We make sure you use security credentials. This is so we know it's you we're dealing with. You can only access Santander Connect Online Banking once you’ve verified yourself.

Proven technology 

Our service secures both your identity and finances. We use the latest technology and practices. These help protect your account from any unauthorised access.

Secure online sessions

You need to be on a secure web page to log on to Santander Connect. This protects your personal and security details. You'll know you're on a secure web page if

• The address begins with ‘https://’.
• A padlock symbol shows in the address bar.

Session timeouts

For your security, our systems will force a log off

• If you forget to log out of Santander Connect, or
• You're inactive for a short period of time during a session.

Protecting you at log on

We only allow a limited number of incorrect log on attempts. After this, we'll block your access to Santander Connect. This protects it from any unauthorised access.

Trusteer Rapport

Download Rapport for extra protection. This malware protection software is free, easy to install and simple to use. It’ll work with any existing security software that you may have to form an extra layer of protection. It will also:

• let you know if you're using the genuine Santander website and not a fake one
• provide a secure connection between your computer and Santander
• identify malware and neutralises it before it interacts with your online usage
• provide you with added protection when accessing up to 100 other websites from your computer (which are not partner Rapport websites).

Download Trusteer Rapport for free here