Security is the basis for trust in banks 

Please read the following sections carefully and protect yourself against attacks from the Internet. For this purpose, we not only carry out comprehensive measures to protect your data against unauthorised access by third parties, but also guarantee the protection of your funds through statutory deposit insurance up to € 100,000  per investor and the modern mTAN procedure.

On this page we want to give you the opportunity to find out about secure and protected online banking. The focus here is on your safety, attention and caution. Please read the following sections carefully and protect yourself against attacks from the Internet 

Our security topics

Folgende Punkte möchten wir dir gerne näherbringen. Bitte mach dich mit dieser Seite vertraut und vermeide Übergriffe auf deinen privaten Kontobereich. 

Security

Phishing

Pharming

Spoofing

http:// or https://

Trojans

mTAN

Mobile Banking

12 Rules

Security Concept

Transaction Notifications

Internet Security

Valid Customer Data

Credit Security

Latest news

Notification of 04 June 2019

We have a warning about a possible wave of phishing emails for you. In this e-mail, customers are encouraged to "update their data". This e-mail does not originate from Fidor Bank, which can be recognised on the one hand by the non-personalised greeting and grammatical errors in the text. Our request to you: don't react to this e-mail at all! We assume that this is a fraudulent attempt to access your data. Of course, we are already investigating this circumstance 

Notification of 28 May 2019

The consumer advice centre warns against sending out masses of false broadcasting fees. These letters contain the logos of ARD, ZDF and Deutschlandradio and at first glance give the impression of authenticity. These letters request a transfer of an amount to an account of Fidor Bank AG. The counterfeits can be recognised by a non-personalised address, as well as the request for payment of the broadcast amount for one month (not one quarter)! We ask you to be extremely attentive when receiving such a message and not to transfer the requested amount under any circumstances! 

Important announcement of the Federal Financial Supervisory Authority (BaFin)

According to BaFin, several cases have come to light, in which consumers have been persuaded to divulge personal data and participate in a video ID process under one pretext. Since your security and the security of your data are extremely important to us, we would like to draw your attention to this statement of the BaFin. Read this statement carefully and protect yourself from third party attacks! 

Wichtige Mitteilung der Bundesanstalt für 
Finanzdienstleistungsaufsicht (BaFin)

Laut BaFin sind mehrere Fälle bekannt geworden, in denen Verbraucher unter einem Vorwand dazu gebracht wurden, persönliche Daten preiszugeben und an einem Video-Ident-Verfahren teilzunehmen. Da uns deine Sicherheit und die Sicherheit deiner Daten enorm wichtig ist, möchten wir dich auf diese Stellungnahme der BaFin aufmerksam machen. Lies dir diese Stellungnahme bitte sorgfältig durch und schütze dich vor Übergriffen Dritter! 

Security at Fidor Bank.

Internet criminals have found a way to also tap into the mobile TAN procedure. With attentive customers, however, these fraudsters have no chance: We'll show you how to protect yourself! Please remember that we will neverask you in the Internet to enter personal information such as PINs or TANs, or to update your phone with software. Do not download updates on your mobile phone which you have received via SMS or MMS!

WHAT YOU HAVE TO WATCH OUT FOR DURING ONLINE BANKING!

Nowadays it is not only the physical loss of your credit card that leads to fraudulent incidents. Unfortunately, account attacks by so-called Trojans, phishing attacks or mTAN fraudsters occur again and again. Protect yourself from unauthorised access by third parties and increase your security awareness. Be vigilant throughout and question any incident that seems strange to you. The following points show different types of attacks on your personal banking area. With this measure we want to help you to recognise attacks, so that you can protect yourself against them - preventively!

Phishing

Therefore, make sure that you always use a network that is as secure as possible and not publicly accessible. The aim of such a phishing attack is to plunder accounts and other protected areas on the Internet. Within such an attack, users are asked to follow a link that redirects you to a website that looks confusingly similar to the original page. So be careful which website you visit in your browser and pay attention to small typos within the domain.

 

Fidor Bank will never send you an email asking
you to enter your personal information such as PIN or FIN.

 

Please make sure that you are extremely careful when you receive such an email and never click on any link sent with it. If you don't feel safe, contact our customer service immediately 

If your data is intercepted, third parties may log into your account and cause significant damage. Therefore, make sure that you always use a network that is as secure as possible and not publicly accessible. Please inform us of any suspicion of a phishing attack on your account. Only in this way can we help you as quickly as possible and ensure that this incident can be communicated to other customers. In addition, we can only prevent the attack and ensure that the phishing page sent is deleted through your active feedback.

Pharming

We recommend that you always check for the latest version of your browser, firewall and virus scanner. The goal is the same, because like phishing, your personal data will be intercepted and used. The difference, however, lies in the way the scammers want to get to your data.

In pharming, so-called malware is sent. These are programs designed to harm you. These programs include viruses and Trojans, for example. These programs nest in your system and can now redirect your supposedly secure and correct address entry to a phishing site. If the Trojan is well done, an https connection is still displayed in the address bar.

We recommend that you always check for the latest version of your browser, firewall and virus scanner. Do not compromise and "update" regularly said programs. Therefore also perform regular virus scans. Also, never store your passwords (or any private access keys) on your computer, and change them from time to time.

Spoofing

To spoof someone - to manipulate, deceive, or disguise someone. Spoofing is another method of data theft in which cybercriminals disguise themselves as trusted sources, or devices to mislead users into doing certain things. These actions are designed to steal information and can cause you and your data significant harm. Spoofing can be roughly divided into 2 approaches. The first method is the so-called mail spoofing, which is one of the most widespread attacks. The process is as follows: The e-mails that end up in your mailbox seem to come from a source that is completely trustworthy, such as a friend or colleague. However, these emails come from criminals trying to fetch your data and harm you. The sender is, so to speak, veiled and replaced by a normal sender. You will thus, for example, get a payment request from your bank, which you must settle immediately. Spoof emails can also include attachments with malware that will automatically install on your computer as soon as you click on it. The second method is IP spoofing. Here the data theft does not aim at individual users, but at networks. By sending messages from a spoofed or "spoofed" IP address, it allows unauthorized access to a particular system.

Of course, we want to explain to you how you can actively protect yourself against spoofing. Sensitization to the method, along with understanding what spoofing is, gives you the most effective protection against data theft. Pay attention to every detail when e-mailing or visiting a website. If you have even the slightest doubt, then assure yourself to the supposed sender, whether he really has written and sent this e-mail. Any suspicion should alert you and cause you to either delete the said e-mail or to leave the website. Even common security software offers you reliable protection against the robbery of your data.

http:// or https://

All our websites are encrypted with https in order to protect your data optimally and not to give third parties the possibility of fraud.

Basically, the so-called "Hyper Text Transfer Protocol (http)" is used to load a certain website, which is located on a server, into your browser. The "Hypertext Transfer Protocol Secure" (https) has basically the same task, but it does it encrypted! This ensures a tap-proof connection between the website operator and your browser. You can recognise this https website by two simple but clear features: on the one hand by the aforementioned lettering in the address bar of your browser, and on the other hand by the "padlock" that is visible in front of the address.

Be particularly careful here and rather look a second time! All our websites are encrypted with https in order to protect your data optimally and not to give third parties the possibility of fraud.

Trojans

Banking Trojans are becoming ever more sophisticated and often cannot be discovered because of ingenious techniques. The ultimate goal of a Banking Trojan is to remain undetected. In secret, the malware is waiting for you to check your account balance or make transfers. If you have placed an order, Trojans, for example, change the transfer data in your memory. In this way, the amount released by you is transferred unnoticed to another account 

Special care should be taken with, among other things:

  • unnatural subject lines with an unusually high number of capital letters or similar features
  • alleged reminders with a ZIP file attached (do not open this file!)
  • Mails with a debt collection company as sender
  • Messages in your account or app that have never existed before
 

The Trojan can also manipulate your browser's display to force you to enter a PIN or mTAN. These will be tapped and used for withdrawals from your account. Basically, Trojans try to record keystrokes, stored data, and information inside your browser, and they steal anything that can help them plunder your bank account. Among all malware, banking Trojans pose the greatest threat to your money. Therefore, we advise you to always use up-to-date and tested antivirus programs to ensure the best possible protection of your data.

mTAN

In addition, we will neverask you to enter an mTAN when registering for online banking. This is awarded exclusively for the purpose of carrying out transactions in Fidor Banking. This procedure can be abused by different methods. In addition, we will neverask you to enter an mTAN when registering for online banking - cancel this process immediately and inform us!

Mobile Banking – Security regarding smartphone!

It is pretty clear that smartphones have made online banking more convenient and independent. No matter where you are, you can access and manage your account. But this is exactly where great dangers are concealed. There are already a high number of viruses and malware for smartphones, so it's high time to adequately protect your phone from attacks.

 

Trojan dangers on your smartphone

Smartphones are often the victims of Trojans that only become active when you open your banking app. Now a fake window is displayed which looks deceptively similar to the banking app and asks for your login data. As soon as you enter your data, third parties can access your account.

A well-known representative is the Android Trojan Android.Smsspy.88.origin, which is also able to intercept your SMS. This now allows the scammers to plunder your account undetected and without suspicion.

Now you're probably wondering how to protect yourself from these attacks?

 

4 Tips for greater smartphone security

  1. Always be suspicious! Remember every step of our banking app, down to the smallest detail. If in doubt, take screenshots and note down the individual steps of the banking process. Internalise our process and thereby be able to recognise fake queries.
  2. Also protect your smartphone with an antivirus app and keep it up to date.
  3. We also recommend that you always protect your phone with a screen lock (fingerprint & PIN). If your smartphone is unexpectedly stolen without a screen lock, thieves will have an easy time. If your phone gets stolen or lost, don't hesitate to lock it immediately!
  4. Even if the big advantage of mobile banking is its local independence, we recommend that you always use a secure network and only in exceptional cases a mobile data network (4G, LTE).

12 Rules for secure banking

Let's make online banking safer together! Alternatively, you can exchange information on this topic with other users of the Fidor Bank Community.

Please note the following information in order not to fall into the trap of fraudsters. Let's make online banking safer together!

Regularly update your PC's antivirus program and firewall. This is the only way to ensure that viruses, worms and Trojans do not get into your PC unnoticed.

Make sure that your operating system (e.g. Windows) is always up to date. Therefore use an internet browser with automatic updates (e.g. Firefox or Google Chrome).

Only deal with relevant topics in the area of online banking on your own computer. Use only PCs you know and avoid activity in places like Internet cafés.

Never save your online data on your computer. Everything that is stored can be read by foreign or Trojan programs.

Fidor Bank will never ask you to return, provide or directly enter any confidential information by phone, SMS or email. To avoid fraud, each user of a Fidor Smart current account is asked to indicate a reference account (for instance for changes to the email address or mobile phone number) as well as a mobile phone number (for sending mTANs). In addition, the Fidor Smart current account can only be used to its full extent once the identity has been confirmed by the PostIdent procedure. Each transaction must be confirmed before execution by entering an mTAN, which the user receives via SMS on his mobile phone.

Clear your temporary storage (cache) regularly if you are not working on your PC.

Malicious programs can manipulate your sales display. So check your account balance regularly.

Change your password regularly. Create secure passwords by using combinations of uppercase and lowercase letters as well as numerals. Avoid combinations with private reference (such as name, date of birth, phone number, etc.). A simple password can be easily guessed.

Look for websites whose address begins
with an IP number instead of a domain name (for example: http://123.45.67.89/...) or whose address the Fidor Bank only contains as a sub-domain
name (for example: http://www.fidor.domainname.com/...) or as a name supplement or spelling variant
(for example: http://www.fidor-site.net/...).

Please always quit online banking via the "Logout" function, which is available to you on all pages. This disconnects the connection to online banking.

Please think carefully about who you're lending money to. Fidor Bank is only liable for partners or for the identity, creditworthiness, reliability and dutifulness of another Fidor Smart current account holder in relation to tractions concluded with this such as money lending. Fidor Bank sees itself here as an execution-only settlement bank.

Cards, PINs and passwords should always be stored separately. Never write your card PIN on your card or on a piece of paper in your wallet. Never leave a recorded note with your online banking data behind on a computer.


The security concept of Fidor Bank

Please read the following sections carefully and protect yourself against attacks from the Internet For this purpose, we not only carry out comprehensive measures to protect your data against unauthorised access by third parties, but also guarantee the protection of your funds through statutory deposit insurance up to € 100,000 per investor and the modern mTAN procedure. For the mTAN procedure we need your mobile phone number: Whenever you place an online order with us, you will receive an mTAN via SMS on your mobile phone. The mTAN must be entered to confirm the order. In addition, you can subscribe to various alerts (SMS/email) for your Fidor Mastercard in order to always be well informed about card sales.

Transaction notifications - Our contribution to greater transaction security

To set alerts, first log into your current account. Then call up the "Alerts" menu item. Here you can set the desired notification options. You can choose between email and SMS alerts. Set your checkmark at the desired place and click on save – done!


Internet security

Always make sure you're on a real Fidor Bank site. Check this in the first step by comparing the Internet address in your browser. In addition to the mTAN procedure, Fidor Bank uses the SSL (Secure Socket Layer) encryption procedure to encrypt the online pages. You can tell by the "s" in the URL when you are logged in. It stands for an SSL connection, which ensures that the transmission between your computer and the bank computer is encrypted and thus secure for the duration of your online session. Your data is thus protected from unauthorised access by third parties. As long as this 128-bit encryption is active, the data cannot be read or used by third parties.

Mozilla Firefox:you can find the lock in the status bar. This appears during a secure connection. If you click on the lock in the status bar, a dialogue box with the security information opens. Click on the "More information" button to get more information, including Display information about the validity of the certificate and see who the certificate is issued to (issued to fidor.banking.de). To view the information, please click on the button "Show certificate" and then on "General".

Google Chrome: you can find the lock in the top left of the entry bar for Internet URLs. A double-click on the symbol opens a dialogue box with the properties and contents of the certificate.

The free mobile TAN is one of the most secure procedures in online banking. In addition, phishing attacks on TANs in the mTAN process are also made more difficult. You will receive these via SMS on your mobile phone. If you enter the mTAN incorrectly three times in a row, your transaction will be aborted and you will receive a new mTAN. For security reasons, your mTAN is only valid for a certain period of time.

An mTAN is a mobile TAN or smsTAN and is transmitted via SMS to electronic banking users. As an online banking customer, you will receive a TAN on your mobile phone from Fidor Bank via SMS, which can only be used for this transaction, after the completed transfer has been sent via the Internet. The order must then be confirmed with this mTAN.

Why is this variant more secure? By limiting the validity period of the mTAN to only the transaction ordered in each case, redirection to another account should be prevented. In addition, phishing attacks on TANs in the mTAN process are also made more difficult.

Even if you lose your mobile phone, you don't have to worry because the validity of the mTAN is limited. SMS may also tell you about unauthorised transfer attempts, so you can immediately block your account. The use of mTANs at Fidor Bank is free of charge.

Important: We need your mobile phone number for this procedure.

Valid customer data

Fidor Bank attaches great importance to valid customer data. Depending on the user profile, the following requirements must be met:

To participate in the Fidor Bank Community we only need the e-mail address and the first and last name of the user. Registrations are possible from the age of majority and with permanent residence in the Federal Republic of Germany.

The password you provided for the Fidor Bank Community is valid to use a Fidor Smart current account. We also need your mobile phone number for the mTAN procedure, as well as a verification of your data via VideoIdent. Registrations are possible from the age of majority and with permanent residence in the Federal Republic of Germany.

Only fully authenticated Fidor Bank customers may use the Fidor Smart checking account to its full extent, conclude high-yield savings products, transfer money to any account, trade in foreign currencies and much more. - without limit restriction. The VideoIdent procedure is available to those who wish to authenticate themselves.

A Fidor Smart current account may only be used by the registered user in their own name and on their own behalf.

Closing an existing account is not possible if debts with other users are open (for example, because you have been loaned money).

Credit security

You've made a good move in choosing Fidor Bank!
Our innovative business model has successfully been able to establish itself in a demanding market environment since it was founded in 2009. Community banking and the Fidor Smart current account concept have convinced not only 80,000 customers, but also institutional and especially internet-savvy companies, to follow a joint path to success with Fidor Bank.

It is part of our strategy to communicate all of the Bank's activities transparently and to conduct a proactive dialogue with customers and community members about the Bank's business conduct.

Only together can we achieve more. Problems and questions can be discussed and discussed together. Together we can solve problems more easily. This system of values is the basis of both our products and our service. Only in this way can we achieve our goal: promoting mutual commitment.

Block emergency call for your card

The following numbers are available for you around the clock. Report the loss immediately!

Within Germany: Telephone: 116 116; outside Germany: telephone: +49 116 116 or
+49 30 40 50 40 50

The 116 116 blocking emergency call can be called free of charge in Germany.
The amount of the fees from abroad depends on the prices of the respective foreign provider.