Security

For account protection


SEFT requires the username, password, bank short name and the CAPTCHA as part of the login process. Moreover, the user needs to enter the unique six digit one time passcode (OTP) sent to the customers’ mobile phone for each and every login request in order to complete the login process. SEFT protects the user account by locking out the user after three failed login attempts.

After completing the first successful login, the user has to complete the profile information, by choosing and answering four secret questions. These answers are only known by the user.

SEFT has been configured to automatically deactivate inactive or dormant accounts for security purposes. You will need to contact your bank administrator to re-enable your account.

OTP

OTP (One Time Passcode) is a code generated by SEFT which is sent to the user’s mobile device and/or email address, this one time passcode is required in the login process after entering the username, password, bank short name and CAPTCHA.

CAPTCHA

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a type of challenge-response test used to determine whether the user is human or not.

The CAPTCHA is located on the login page of the SEFT. The user who wishes to login, needs to enter his/her username, password, bank short name and the CAPTCHA word being displayed. This technology has been put in place to guarantee that the user is a human being and not a computer software trying to guess the login credentials.

Randomly Generated Passwords Validity Period

If the customer forgets his/her password and completes the “forgot password” process, a new temporary password will be sent to his/her email account. This password is valid for a one time usage only, the users will need to change the One Time Password in order to proceed.

Forgot Password & Customer Secret Questions Profile

The system includes an online forgot password process. This comprises of collecting identification information and secret questions from the customer, to identify the customer.

Transaction Integrity

SEFT guaranties the transaction integrity by applying strict rules for transaction communication validation. SEFT will automatically reject any transaction which has been tampered with, down to the smallest modification of data.

Antivirus

SEFT integrates with the latest Antivirus engines. This ensures the security of the transaction before processing them and alerts the customer to take necessary action on his/her devise, if infected.