What is Strong Customer Authentication?
It is an additional way of identifying you for the approval of transactions that you make through the eBanking service (using a browser or through ChaniaBank Mobile App).
Specifically, it is the process of identifying you using two or more elements:
- Passwords to the eBanking service (Password and Password),
- One-time codes (OTP)
- Biometrics (Face ID, Touch ID)
The Strong Customer Authentication methods we use contribute to your stronger identification and transaction security.
Strong Customer Authentication Methods
For the strong authentication of a customer, in order to execute transactions that you make through the eBanking service, we use 2 methods:
- Sending one-time codes (OTP) via SMS or Viber in order to execute transactions that are registered in the eBanking service via browser and through ChaniaBank Mobile App.
as well as
- Push Notifications in order to approve through your registered mobile device the execution of transactions that are registered in the eBanking service via browser.
It is possible to modify the Strong Customer Authentication method through the eBanking service interface (using a browser).
One-time password - One Time Password (OTP)
It is a six-digit number, which is used as an additional (password) security measure, lasts only for two minutes and is necessary to complete your transactions through the eBanking service, or in other cases as an additional level of security.
sending of the one-time password is provided free of charge and is mandatory for the completion of transactions by all users of the Bank’s eBanking service (individual or business users).
The one-time passwords (OTP) are sent through the Viber application or via SMS (depending on your choice of the relevant settings), to the phone you registered with when you signed up for the eBanking service.
In the event it is not possible to send OTP through the Viber application for any reason, the OTP is sent by SMS to the above mobile phone number.
Sending messages via Viber is faster than SMS messages and especially useful if there is limited mobile network coverage at the geographic location where you are at any time or if you live in a foreign country.
When completing transactions or in other cases where security reasons require strong customer authentication, you will receive a message containing transaction information and the six-digit code (OTP) that you must fill in in the relevant eBanking service screen to complete the transaction. The above message is completely related to the specific transaction that is being performed and cannot be used in another transaction.
The OTP message is sent to the mobile phone number that you registered with when you signed up for the eBanking service, or modified through the eBanking service
By default OTP messages are set to be sent to your mobile phone via the Viber app. If for any reason it is not possible to send OTP via Viber, after a few seconds you will receive the same sms message on your mobile phone number.
In the OTP code filling field of the transaction window, you can choose to resend the same code differently (SMS/Viber) than the one that was sent the first time.
If you do not want to receive OTPs through the Viber app, you can activate the OTP sending service by texting to your mobile phone via the eBanking service by selecting in Settings → Profile → Disposable Code Settings. In the same way you can reactivate the ability to receive OTP via Viber.
It is a notification, received on your mobile device and used as an additional security measure, lasts only for two (2) minutes and through it the user can approve the execution of transactions that have been registered only through the eBanking service (using a browser).
In order for Push notifications to be activated, the user must: have chaniabank mobile app installed on his mobile device and registered his mobile device (The device is recorded using OTP)
Have chosen the specific method of Strong Customer Authentication through the relevant settings in the eBanking service : Settings → Security → Strong Customer Authentication
In order to complete transactions carried out in the eBanking service environment (using a browser), you will receive a Push notification on your registered mobile devices containing information about the transaction. Through this notification you can approve or reject the completion of the transaction.
Security in transactions
- The duration of each OTP received by text message via the Viber application or by SMS is two (2) minutes. If it is not used within the above period, you will need to request for a new OTP to complete the transaction.
- Each OTP is associated for the specific transaction that is being performed and cannot be used to carry out another transaction.
- An OTP code can be filled in incorrectly up to five times. The fifth time you incorrectly fill in the OTP code you will be asked to be send a new OTP in either way you want (SMS, Viber).
- The duration of each Push Notification is two (2) minutes. In case it is not used within the above period, the notice shall cease to be valid. It is possible to resent the notification with a message containing OTP via Viber or SMS.
- Each Push Notification is associated for the specific transaction being carried out.
- In case of loss of your phone device, or for any other reason you wish, you can disable the Strong Customer Authentication through the settings of the eBanking service. This feature protects you from possible unauthorized transactions to be made.