You are here: Home > Help > FAQs

Help

Digipass and online security FAQs

What guarantee do I have about the security of my RaboPlus internet banking account?

Security is our top priority. You can be confident that RaboPlus Internet banking is safe and secure. We take pride in our excellent security record and we aim to maintain it. 

What is the Digipass?

The Digipass is a small hand-held device, much smaller and thinner than your mobile phone. 

  Digipass 

How does the Digipass work?

The Digipass is a 'random number generator' that creates one-time access codes. The codes are used to identify you as a user, log you on to your accounts and verify transactions. The Digipass gives you peace of mind knowing that your financial information is always protected. 

Who makes the Digipass?

The Vasco Digipass security system used by RaboPlus offers Australian customers the highest levels of online banking security. Vasco has an international reputation through its work with more than 370 international financial institutions, approximately 1,700 blue-chip corporations and governments located in over 80 countries. 

Why is it so safe?

Is a Digipass safer than a standard login code? 

Yes. The Digipass generates an electronic signature to help prevent any other person from accessing your accounts or transactions. Also, your customer number is never saved onto your computer.   

At RaboPlus, our security approach is based on what is known as two-factor authentication. The two elements are: 

  1. Something you know: your customer number and PIN; and  
  2. Something you have: your Digipass. Your Digipass cannot be used without your PIN, making it worthless to somebody else should it be lost or stolen.    

Therefore, even if someone gains access to your account details, they can't access the account without having BOTH your Digipass AND your PIN. This is safer than a standard user name and/or password login because if somebody else gains access to these, they can simply login without requiring an external device (i.e. a Digipass). 

How does it relate to my customer number and PIN?

When you log into your accounts you need to know your individual customer number, have your Digipass to hand and know your PIN. So even if your Digipass were to fall into the wrong hands it's worthless without the PIN and your customer number. 

Could someone withdraw money from my account?

No. Remember, they need all three elements to gain access to your account.

Do I need anything else?

You don't need any special software to use the RaboPlus online banking service and you can use your Digipass anywhere you want - that means you're not stuck to using just one computer. Coupled with the fact that it takes less than 10 seconds to use a Digipass, the whole system is simple and secure.  

How often do Digipass numbers change?

The random numbers generated by the Digipass change every few seconds. This means that the number can only be used once, within the specified time limit. That means your number becomes useless to would-be hackers. This significantly reduces the security risk associated with other forms of online security such as permanent access codes. 

Note - RaboPlus will NEVER send you an email requesting your personal access details. If you ever receive such an email please notify us immediately.

What kind of browser will I need?
  • Our website has been built for Internet Explorer version 5.5 (Service Pack 2) and higher. If you don't have this browser version, you can download it from http://windowsupdate.microsoft.com.
  • We also support Firefox Version 2.0 and above, running on either Windows or Mac. You can download this from http://www.mozilla.org.  
How do I know I am logging in to a secure online banking area?

When you click on "Login to your account" on the RaboPlus site, the URL in the pop-up window should start with https://secure.raboplus.com.au.

If you're using Internet Exporer or Firefox, a padlock icon should also appear in the bottom right hand corner of the window. If you're using the Opera browser, the padlock appears in the address bar. This padlock identifies that a Secure Sockets Layer (SSL) is in place, designed to provide secure communications over the Internet.

To verify the authenticity of the SSL, double click the padlock icon to view the certificate information. This should state that the certificate has been issued to secure.raboplus.com.au.

What online security threats should I know about?

Security threats

We are acutely aware of the potential threats from would-be online fraudsters and hackers. Globally we have seen an increase in identity theft & 'phishing' attempts.
The fraudster targets static passwords and many people use the same password or PINs for multiple applications. This is why RaboPlus doesn't use static passwords. Sure, they're a little bit more convenient but it's not worth the risk - to you, or to us.


What is 'phishing'? 

Phishing, pronounced 'fishing', is the term coined by hackers who imitate legitimate companies in emails to entice people to share passwords or credit card numbers.
An email is broadcast from a fake server address, pretending to be the real company or financial institution, containing an invitation to verify or to enter Username password. The fake website looks like the real one from the financial institution.


What are the dangers with 'fake emails'?

As we receive more and more emails and unsolicited emails called 'spam', watch out for fake emails as they will often:

  • Ask you for personal information. Fake emails often contain an overly generic greeting and may claim that your personal information has been compromised and ask you to re-confirm your user numbers and codes.

  • Appear to be from a legitimate source. While some emails are easy to identify as fraudulent, others may appear to be from a legitimate address and trusted online source. However, you should not rely on the name or address in the "From" field, as this is easily altered.

  • Tell you've won a prize or a free gift. You'll be asked to provide personal information in order to collect the prize. Of course not all of these are fake. You should confirm that the prize or gift is from a company that you know and trust.

  • Link to fake web sites. Fake emails may direct you to counterfeit websites carefully designed to look real, but which actually collect personal information for illegal use. 

How do I recognise fake web sites?

Fraudsters often try to direct people to fraudulent websites via email and pop-up windows and try to collect your personal information. In many cases there is no easy way to determine that you are on a fake website because the URL (Domain Name) will contain the name of the institution it is faking. However, if you type, or cut and paste, the URL into a new web browser window and it does not take you to a legitimate website, or you get an error message, it was probably just a cover for a fake website. 


What are fraudulent pop-up windows?

Pop-up windows are the small windows or ads that appear suddenly over or under the window you are currently viewing. The vast majority of these are legitimate ads and pose no threat. Fraudulent pop-up windows are a type of online fraud often used to obtain personal information.
Pop-up windows are often the result of programs installed on your computer called "adware" or "spyware." These programs monitor your web surfing activity and regularly come hidden inside many free downloads, such as music-sharing software or screen savers.
Many of these programs enable harmless advertisements, but some contain "trojan horse" programs that can record your keystrokes (for account login) or relay other information to an unauthorised source.

What other security precautions can I take?

Here are some security precautions anyone can adopt to increase their own levels of online security.  


  1. Protect your Digipass and PIN  
    • Never divulge your customer number or Digipass PIN to anyone.     
    • Memorise your customer number and Digipass PIN. If you need to write them down, store them in a location separate from your Digipass or account numbers. 
    • Always keep your Digipass separate from your account number and your Digipass PIN. 
    • Do not write your customer number or Digipass PIN on a post-it note and stick it to your computer. 
    • Notify us immediately if your Digipass is lost or stolen and we will issue you with a replacement Digipass and PIN.    

        
  2. Use RaboPlus secure email     
    Never send sensitive financial information to RaboPlus through regular email. RaboPlus customers have access to secure email within our secure transaction site. You should use this email function to communicate with our customer contact centre if you want to include information pertaining to your account statements or account details.      

  3. Use updated anti-virus software     
    We strongly recommend that you protect your computer from viruses by installing and regularly updating firewall and anti-virus software.     

  4. Activate a pop-Up window blocker     
    Blockers are often part of anti-virus and firewall Internet security packages. When you have installed your pop-up blocker you may want to adjust the setting to allow pop-up windows in websites that you trust and need access to.     

  5. Scan your computer for spyware regularly     
    You can eliminate potentially risky pop-up windows by removing any spyware or adware installed on your computer. Spyware and adware are programs that look in on your web viewing activity and potentially relay information to a disreputable source. Perform an Internet search for 'spyware' or 'adware' to find free spyware removal programs.   
    As with a pop-up blocker, you will want to be sure that your removal program is not blocking, or removing, wanted items, and if it is, consider turning it off for some websites.

  6. Avoid downloading programs from unknown sources
    Downloads may contain hidden programs that can compromise your computer's security. Likewise, email attachments from unknown senders may contain harmful viruses.

     
  7. Keep your computer's operating system up to date
    Older operating systems, eg, Windows 98, don't offer the same level of protection as newer systems. You should consider upgrading your operating system if it five years old. For more information please see:
    www.microsoft.com/security
    www.apple.com/support/security

  8. How to contact us if you have any questions or concerns  
    At RaboPlus, we maintain the highest security standards and ensure your money is protected at all times. However, if you have any misgivings or require advice on secure online banking, please contact our staff in our customer contact centre by filling in our contact form or phoning 1800 445 445. If you are a RaboPlus customer you can use your secure email to contact us.
How do I set up my Digipass?

You will need: 

  • your Digipass  
  • your initial five-digit PIN         
Follow these steps:
1.Press  Arrow on your Digipass. Digipass_Pin
2.Enter your initial five-digit PIN.Digipass_Pin
3.Now enter your own new and unique five-digit PIN.    Digipass New Pin
4.Re-enter your new PIN to confirm.New pin confirmation message
5.This confirmation message will display for a few seconds.Digipass New Pin Confermation
6.Your Digipass is now ready to use and will display "APPLI" for a few seconds before automatically turning itself off.Digipass APPLI


How do I use my Digipass?

Once your Digipass is set up, on the RaboPlus website click the Login button and follow the on-screen instructions.
Remember: always use your personalised five-digit PIN. (Your initial five-digit PIN is only ever used to set up your Digipass.)  

Can I change my personalised five-digit PIN?

Yes. You can change your PIN at any time. Here's how:  

Follow these steps:
1.Press Arrow  on your Digipass.Digipass_Pin
2.Enter your existing five-digit PIN.Digipass_Pin
3.Press Arrow  for two seconds.
4.Enter a new five-digit PIN. Digipass New Pin
5.Enter your new five-digit PIN again.New pin confirmation message
6.Your Digipass is ready to use.Digipass New Pin Confermation


What is an electronic signature?

Some RaboPlus transactions and orders require an eight-digit electronic code called a 'digital signature' - this is a random code that is generated by your Digipass. This is an added level of security to protect your money.

How do I create an electronic signature with my Digipass?

Simply follow the instructions on your computer screen - they will explain how to generate the eight-digit electronic code using your Digipass. 

What if I receive a Digipass error message?

Message:

What to do:

PIN FAIL 4You have one more attempt to enter the correct PIN.
LOCK PIN [-------]Your Digipass has been blocked*
PIN CONF FAILYour PIN has been entered incorrectly. Try again.
BATT1The battery is almost empty*
LOCK DISABLE 2The battery is empty*
-00000000-

This may display if your Digipass is dropped or if you attempt to replace the battery*

*Please contact our customer contact centre by calling 1800 445 445 or by filling out our contact form

What do I do if my Digipass gets blocked or lost?

We have a secure way of handling this. Print off the form "Unblock/Replace my Digipass" from the RaboPlus website. Fill in the details as required and post it to us at the address below. We will deal with it quickly to ensure you get back online.

RaboPlus,
Reply Paid 4715,
Sydney,
NSW 2001.

How do I fix problems with my Digipass?

Contact our customer contact centre on 1800 445 445. Or send us an email: info@raboplus.com.au.  

More about your Digipass ...

Your Digipass is your key to RaboPlus. You use it to access your RaboPlus account(s) and authorise your transactions.

The Digipass is the hardware that randomly generates the access codes you need to use your personal account. The Digipass itself has a five-digit PIN to access it which you replace with your own personalised five-digit PIN. 

You will receive detailed user instructions when you receive your Digipass. These explain everything you need to know in step-by-step detail.