Information Security Tips

In order to ensure online safety, it is recommended that this informational help page is periodically reviewed in order to remain abreast of any evolving security threats or changes in security procedures.

Keeping Private Information Safe


Usernames, Logins and Passwords

It is of utmost importance that login credentials are secured as these constitute the entry-points to BNP Paribas platforms. The following guidelines can assist in keeping your private information safe:

  • Avoid re-using the same usernames and passwords that you use for other website logins
  • Do not use information that can be easily deduced
  • Even though your user ID (usually the email address) itself is not confidential, do not write it down on anything that can be easily found by a malicious person.
  • Never write down or reveal your password, SecurID Serial or pin number to anyone, including BNP Paribas Support Teams
  • Change your password periodically
  • Ensure that you are not being observed when entering your password
  • Periodically check your keyboard and computer to ensure that no key loggers (devices that record keystrokes) are maliciously connected

Many browsers contain auto-complete functionality. Whilst this saves time for the user, it also allows unauthorised individuals to log into your account if your computer remains unlocked and unattended. It is recommended that you disable your web browser’s auto-complete functionality.

Whatever the circumstances, never communicate your PIN/secret code to anyone (including support teams) and make sure nobody knows it.

Last but not least, if you lose or believe you could have lost your token, please contact Cortex FX Client Service Desk as soon as possible so that we can disable your token.

Authentication Devices

Should you be issued with authentication tokens or one-time passwords sent to a mobile device, please ensure that these devices are kept secure at all times.

Do not communicate by phone or to an unknown email address the serial number written behind the token, even if claiming to be from a support team, unless yourself have contacted a relevant support team earlier for a PIN reset or card synchronization issue. In the later case, it is OK to communicate the serial number to Cortex FX Client Service Desk for action.

In any case, do not paste or write anything on the SecurID token!

Logging Out

If you are away from your computer for an extended period of time, please ensure that you log out of all running applications. It is highly recommended that browser applications are closed fully after using any BNP Paribas platforms.

Viruses and Spyware

Anti-Virus software, anti-spyware software, and personal firewalls should be installed and continually kept active on your computer. Security patches and virus definitions should be periodically installed and updated in order to ensure that any bugs and security loopholes are closed.

Your Personal Information

Please keep your relationship manager updated with accurate details of your personal information.

Avoiding Fraud


Verifying Website

Navigating to the Website should always be done through known hyperlinks. Please read the address bar / URL carefully and always ensure that it is correct.

Another method of verifying the authenticity of a Web Site is to check the digital certificate for websites that begin with “https”. Certification Authorities (such as Verisign or Geotrust) are trusted third party issuers of digital certificates which verify that the website URL is a genuine site of the company or business in question. Click on the padlock next to the URL to see details of the Certification Authority:

Trusted Computers

Do not conduct any transactions through public or shared computers.

Fraudulent Emails and Websites

Remain vigilant for suspicious emails and websites that attempt to use deceit in order to reveal sensitive information. BNP Paribas will never ask you for private information by email and will not send e-mails with embedded hyperlinks to transactional websites.

Also, please be aware that in some email applications such as Microsoft Outlook, a text hyperlink may be displayed but actually clicking on the hyperlink may direct you to another website. This is known as phishing. Phishing websites are designed to look identical to genuine websites. Additionally, some emails may contain image files that appear to look like text. Hovering over the image and clicking may lead you to a phishing website. Ensure that the guidelines for verifying BNP Paribas websites (above) are followed.

We Are Here To Help


Should you suspect any unauthorised access or have any outstanding queries regarding Information Security, please promptly contact your relationship manager or support team.

Email: 
cortex.client.services@bnpparibas.com

Asia Pacific: 
+65 6210 1828

EMEA: 
+44 (0)20 7595 8886

Americas: 
+1 212 841 3838