Information security

REMINDER OF THE CUSTOMER CB “Euro-Asian Investment Bank” LLC:

This reminder has been developed in accordance with the recommendations of the Bank of Russia (Letter of the Bank of Russia«“On recommendations for informing customers about posting on the Web site of the Bank of Russia the list of addresses of Web sites of credit institutions” No. 76-T dated J25.06.2009), contains the necessary information about CB “Euro-Asian Investment Bank” LLC and the procedure for action in case of suspicion of a web site that simulates Internet – representation CB “Euro-Asian Investment Bank” LLC

The Bank of Russia announces the appearance of fake websites in the Russian segment of the Internet. Their domain names and design style, usually, are similar to the names of genuine websites of banks, and the content directly indicates their alleged ownership by the respective credit organizations. Visitors of such web sites are reported knowingly false bank details and contact information, the use of which can lead to undesirable consequences for customers.

In connection with the above, we recommend that you familiarize yourself with the following information:

Recommendations for the safe use of banking Internet technologies

In order to further secure banking operations using iBank technologies (Internet Bank), it is necessary to comply with some basic recommendations:

  • make sure your computer is free from viruses and malware. The activity of viruses and malware is often aimed at the transfer of confidential information to third parties. Install an antivirus program and regularly update antivirus databases;
  • never open suspicious files sent to you by e-mail;
  • generate EDS keys on external rejected key carriers (tokens) and store them in a safe place.
  • subject to accessing the launch of the “iBank” program (Internet Bank) or access to a working computer, of many people, delineate access to launch the program through the internal distribution system of access rights of the program;
  • Try to remember the username and password. Never write them down in places accessible to unauthorized persons;
  • When entering a new password, do not use simple combinations, it is best if the password consists of upper and lower case letters, as well as numbers. This will provide maximum protection against hacking the password;
  • install and use a personal firewall on your computer. This will prevent unauthorized access to information on the computer;
  • if you suspect that someone has information about your username and password, be sure to change the password yourself;
  • if there are suspicions about the fact that the key carrier has been compromised (loss or access of third parties to it), you need to call the bank, report the fact to lock the keys, and generate a new key;

 Recommendations of the Central Bank of the Russian Federation on conducting operations using mobile communications

Security of HandyBank System

HandyBank has the highest level of protection for the current level of technology from unauthorized access to the client’s funds:

Technical protection

  • A bank card number, PIN code for it, CVV / CVC and its other details are not transmitted via the Internet.
  • Client access to the System is carried out via the HTTPS / SSL protocol.
  • Login / password to enter the System (anti-selection, test for complexity). The user can change the password in the System settings.
  • Virtual keyboard (optional).
  • The transaction generation channel is physically separated from the transaction authorization channel:
    • authorization of transactions through the Handy-code (a random six-digit number that is valid only for 6 minutes which receives from the System on his/her mobile phone by SMS when making a payment upon a client request for entering the appropriate screen form);
    • the session time of the user in one screen form of the System is limited and can be set by the user in the settings (from 1 to 15 minutes).

Insurance cover

  • The customers’ risks associated with conducting transactions in the System are insured by “Rosgosstrakh” with a limit of 3 million rubles for one insured event.

And also

  • Online monitoring system for potentially fraudulent transactions.
  • Safety Certificates:
    • for compliance with international requirements for information security management in the development, implementation and maintenance of software ISO / IEC 27001: 2005;
    • for compliance with international quality management standards in the field of IT development ISO 9001:2008;
    • for compliance with international data security standards of the industry of payment cards PCI DSS (Payment Card Industry Data Security Standard).

 Recommendations of the Central Bank of the Russian Federation on conducting operations using mobile communications

Appendix No. 1 to Order No. 57/1 of 24/03/2017