skip to content

Security and online banking

Staying safe online

Here are some easy and sensible precautions you should take to stay safe online


Protect yourself from identity theft by shredding unwanted bank statements, utility bills, etc. Don't just leave them in your household rubbish bin as criminals can use them to try to steal your identity.


Keep your bank details secure and don't share them with others. Keep your Digipass in a safe place and do not write your PIN code on the back of your Digipass. If you lose your Digipass or cannot remember your 5-digit PIN code please contact us immediately.


RaboDirect will NEVER send you an email requesting your personal access details. If you ever receive such an email please notify us immediately.

The Digipass

The Digipass is a small hand-held device that randomly generates an access code that you use to access your RaboDirect account(s) and validate your transactions.

Learn more

'Phishing' or fake emails

Criminals work in various ways to steal your identity. Phishing, pronounced 'fishing', is the term coined by hackers who imitate legitimate companies in emails to entice people to share passwords or credit card numbers.

An email is broadcast from a fake server address, pretending to be a real company or financial institution, containing an invitation to verify or to enter username or password. The fake website looks like the real one from the financial institution.

This leads to identity theft: criminals adopt the identity of the holder of the online bank account or credit card and with that they can make payments in name of the genuine holder.

The Digipass system used by RaboDirect makes phishing virtually impossible. Phishing attacks can be successful if your bank relies on just passwords and PIN's that never change. 

If a fraudster gains access to your username and password detail they can access your online bank account.

The Digipass helps to prevent this because of the two-factor authentication principles. The fraudster would need to know your Customer Number and Digipass PIN code and have your Digipass to be successful with a phishing attempt. 

The Digipass is also required to authenticate transactions giving you a double layer of security.

Find out more about phishing or fake emails in the security FAQ's below.

Security FAQs

Could someone withdraw money from my account?


Your account can’t be accessed without the Customer Number, Digipass and 5 digit PIN. Providing you keep this information safe, it is unlikely anyone could log into your account and withdraw money. 

But even if someone was able to get hold of your details and log into your account, funds can only be transferred back to the nominated bank account in your name.

How do I identify a phishing email or fake website?

Fake emails and websites can look very realistic but there are a few tell-tales signs to look out for:
  • Requests for confidential information. We will never ask you to provide your customer number, account number or PIN code via email. 
  • An unusual website URL - Look out for a “padlock” icon next to the URL to ensure you are in an encrypted secure session. If you receive a message along the lines of 'Error! Hyperlink reference not valid.’ this usually means something’s not right. 
  • Grammar and spelling errors - These can be deliberate (to get around spam filters) but are usually unintentional errors made by the fraudsters. 
  • Suspicious logos and links - If you hover your mouse over links in the email, they may not point to your bank's website but to some other third party website you don’t recognise.
  • The email doesn’t address you by name - We won’t send you emails starting with ‘Dear customer’. 
  • The tone of the email is urgent and encourages you to take immediate action e.g. verifying your online banking details. 

If you receive any emails that appear to be from RaboDirect but seem suspicious, please feel free to call us on 0800 22 44 33 or email It’s better to be safe than sorry.

What do I do if I lose my Digipass or it gets stolen?


Call us on 0800 22 44 33 or +64 4 8192870 (between 8am-6pm, Monday to Friday) so we can block the Digipass and send a replacement. 

If you can’t call or it’s outside our business hours, you can print and sign our Digipass Request Form then scan and email, fax or post it back to us.

What other security precautions can I take?


Here are some security precautions anyone can adopt to increase their own level of online security.

1. Protect your Digipass and PIN number
  • Don’t write your PIN code down. 
  • If you have to write it down, don’t store it with the Digipass and customer number. 
  • Keep your Digipass and customer number separate. 
  • Do not store your customer number or PIN code near your computer. 
  • Notify us if your Digipass is lost or stolen. 
  • Call us immediately if you are asked to return your Digipass or send it to another address. 
2. Never send account information via regular email
  • Use our secure e-mail function if you need to include account information in your message.
  • We will NEVER send you an email requesting your personal access details. If you ever receive such an email please notify us as soon as possible.

3. Use updated Anti-Virus Software

Protect your computer from viruses by installing and regularly updating firewall and anti-virus software. 

4. Scan your computer for Spyware regularly

Spyware and adware are programs that look in on your web viewing activity and potentially relay information to a disreputable source. Perform an internet search for "spyware" or "adware" to find free spyware removal programs. Just make sure that your removal program is not blocking or removing wanted items and, if it is, consider turning it off for some websites.

5. Avoid downloading programs from unknown sources

Downloads may contain hidden programs that can compromise your computer's security. Likewise, e-mail attachments from unknown senders may contain harmful viruses.

We maintain high security standards to ensure your money is protected at all times. If you have any questions or concerns, please call us on 0800 22 44 33 or email

What should I do if I receive a phishing email?

First of all, don't panic.
  • Do not respond to the email. This is important because the fraudster will then know that your email address is a real one.
  • Do not click on any links in the email. This might download spyware programs to your computer.
  • Contact the bank or company the email appears to be from and advise them.

What if I suspect that my internet banking has been compromised?


Call us on 0800 22 44 33 (+64 4 8192870) between 8am-6pm, Monday to Friday. You can also email outside of business hours.


Technical requirements

If you are browsing our website and using internet banking, you may have some questions regarding our technical requirements. Below is a list of specifications for the most effective use of our sites. There are no specific requirements for your PC, however we recommend your display settings to be at least 1024 x 768 pixels and use a minimum of 24bits colour depth.

Microsoft Windows OS

When you use a Windows operating system (Windows XP, or higher) on your PC, you can use the following browsers:

  • Internet Explorer 8 or higher
  • Mozilla Firefox 3.x or higher
  • Google Chrome 14.x or higher
  • Opera 7.2.3 or higher

Apple Mac OS

When you use a Mac operating system (Mac OS 8.1, or higher), you can use the following browsers:

  • Safari 5.x or higher
  • Mozilla Firefox 3.x or higher
  • Google Chrome 14.x or higher
  • Opera 7.2.3 or higher

Other browsers / platforms might work but have not been tested.

How do I upgrade my browser?

We recommend that you download the latest version of your browser, you can download them for free.

Technical requirement FAQs

Do I need Adobe Reader® installed?

To print PDF documents, you'll need to have Adobe Reader installed on your computer. If you don't have Adobe Reader installed, you can download it for free.

Company network

Please be aware that your employer might have blocked (partial) access to external websites (such as to prevent you from doing personal banking on company time. It might even be that some colleagues are granted access while others are not. If you experience problems while connecting from a company network please consult your local network administrator.

Do I need Flash installed?


To experience some parts of our website and internet banking you may need Adobe Flash Player installed as a plugin on your browser. Many browsers come with Flash Player pre-installed. Find out more about Adobe Flash Player.

Do I need JavaScript enabled?


To best experience our website and internet banking, you need to have JavaScript enabled. You can enable it using your browser's internet options; refer to your browser's help content. 

Firewall, Pop-up Blocker & Anti-Virus Software

We recommended you install a personal firewall and anti-virus software on your computer. Update the software's virus definitions frequently.

Installed software on your PC other than your browser, such as a personal firewall, pop-up blocker or anti-virus scanner, may interfere with the performance of

Why do I need session cookies?

You must set your browser to accept cookies in order to be able to perform transactions with RaboDirect. Session cookies only stay on your computer for the duration of your session.