Always enter “postfinance.ch” directly in the address bar of your browser and check that your connection is secure. A secure connection is indicated by the “s” in “https://”. This means that data is transferred in encrypted format. Mobile access to e-finance is most secure via the PostFinance App, which should always be downloaded from official stores (Apple Store, Google Play). You should also ensure that you do not use public Wi-Fi for online banking.
How to use e-finance and the PostFinance App securely
The security of your assets and data is our top priority.We have summarized the 10 most important security standards for you below to help you use e-finance and the PostFinance App securely.
The 10 most important security standards
-
-
Do not disclose any personal data, especially any identification credentials or security elements. Keep your access details such as username, e-finance number and password secret and keep your card details and PIN safe. PostFinance will never contact you, not even over the phone, to ask for your login details. PostFinance will also never ask you to install any additional software to establish a connection with your computer. You should never disclose your data to anyone claiming to be a bank advisor or relative.
There is a simple way of creating a secure password: make a sentence and take the first letters of each word. Then expand the password with special characters. If you only use it for e-finance and never disclose it to anyone you will be on the safe side. Use an individual password for each login. A password manager can come in handy for managing different passwords.
-
Do not open e-mails from unknown senders, or any links or attachments. Even if the subject line sparks your curiosity. This could be phishing, or the e-mails could contain viruses or Trojan horses (i.e. “malware”). You are better off ignoring or deleting e-mails from unknown senders.
PostFinance will never contact you, not even over the phone, to ask for your login details.
For links and QR codes, always check whether the destination address is postfinance.ch. Scammers try to deceive you with similar URLs.
-
Do not transfer money to unknown people. Personally make sure that anyone asking you for money really is who they say they are.
For example, scammers will try to gain your trust on dating platforms. Always be sceptical until you have met the person physically.
When using a card, make sure that the recipient is legitimate.
-
If you would like to invest your money or buy cryptocurrencies, we will be happy to help. If you see an offer on the Internet, be sceptical and read reviews of the online platform or its provider first. Open the account yourself and do not disclose the login details to anyone.
-
If you offer a product for purchase and the buyer wants to transfer the money to you, all they need is your mobile phone number for TWINT transfers or your IBAN with your name. There is no need to install software or to log in to e-finance. If you receive a link or QR code to receive the money, it is most likely fraud.
-
If you are unsure or something doesn’t feel right, sleep on it and discuss it with a trusted person, or call us. We will be happy to help.
It would be best to remain highly sceptical. If something online sounds too good to be true, it is. Get help if you are unsure or suspect an attack.
-
On your computer we recommend using PostFinance SecureBrowser. PostFinance SecureBrowser protects you effectively against bank Trojan horses, phishing attacks and data theft. If you use your own browser, you can check for outdated software with Browsercheck, which will also help you resolve security vulnerabilities.
To access the Internet, please use only the latest version of the relevant browser and the latest PostFinance App.
-
Keep your operating system and the apps and programmes you have installed up to date at all times. Use security software (e.g. anti-virus)
Only install the necessary programmes and apps and always download them from the manufacturer’s website or an official store.
Activate the automatic update function for the operating system and for all installed programmes and apps.
-
Report events or observations relating to online banking to us. In the event of a lost card, theft or digital fraud attempts, it is important to block your card or login immediately.
Block your card in just a few seconds and order a replacement card if required. In the PostFinance App, you will find the block function in the More > My cards section.
More on the topic
When capturing and processing personal data, PostFinance complies with the provisions of Swiss data protection provisions and implements measures to protect against unauthorized access, manipulation, and loss of data in all areas of its online offering.
Depositor protection
In Switzerland, depositor protection kicks in if a bank goes bankrupt. Up to CHF 100,000 is protected per customer or joint account.
The independent platform run by Lucerne University of Applied Sciences and Arts helps you to better understand your personal information security, including with its courses.
The National Cybersecurity Centre (NCSC) is the Confederation's competence centre for cybersecurity. It receives reports on cyber incidents from individuals and businesses, analyses them and provides those submitting them with an assessment of the incident and recommendations for further action.
The NCSC also publishes information on current cyber threats.
The cybercrime website of the Zurich Cantonal Police highlights the various types of fraud and the latest alerts.
The Browsercheck verifies your computer for outdated software.
More tips
Would you like more practical information? “eBanking – but secure!” is an independent platform run by Lucerne University of Applied Sciences and Arts – information technology that helps you better understand your personal information security. They also offer courses to suit all needs.