We're committed to protecting you and your money when you bank online with us.
There is protection provided by the Payment Services Regulations 2017. If funds are taken from your account because of fraud, we'll refund you and put your account back to how it was before the fraud took place.
There are some circumstances where this protection isn’t available. For example, if you've acted fraudulently, or you haven’t taken reasonable steps to keep your information safe.
The information on our website is split into 2 area types: 'freely accessible' areas and 'secure' areas.
- Secure areas are where we keep personal information. Read our ‘Your security details’ section below to find out more.
- Freely accessible areas include our public website.
We don't mind who visits the freely accessible areas and we don't check on who does. None of your personal information is kept there, just general information about our products and services that anyone can have access to.
Internet security technology is very good. In line with the industry standard, we're using two-factor authentication to check it's you when logging on and using Mobile and Online Banking.
Any information sent between you and Santander when using the Santander online service uses strong industry-standard security technology.
The secure areas are where we keep personal information, which is why you have to enter security details or biometrics. For example, you'll use the secure areas of our site when you access your accounts online or apply online for an account.
You can check if an area is secure by looking at the address at the top of your browser.
- A secure area's web address will begin https:// rather than http://
- You can also tell this by the padlock symbol that's found next to the web address in some browsers.
Any information you submit online is protected by data encryption. Your browser scrambles the information, which is later unscrambled when it gets to us. It can’t be read along the way.
You may come across the term 128-bit SSL (Secure Socket Layer) technology. This is the way the data is scrambled and unscrambled again at each end. The latest browsers have this built in, and it’s automatically enabled unless you turn it off.
To prevent problems viewing secure sites like ours, it's always a good idea to have the latest version of your browser installed. For more help, contact us to speak to our technical support line.
Changing your security details
When you access your account online for the first time, we ask you to change your allocated Security Number to a more memorable number.
You can change your Passcode/Password and Registration /Security Number at any time. You just need to:
- log on to Online Banking
- click 'My details and settings'
- choose an option from the 'Change security settings' page.
When changing your Passcode/Password, use longer words or phrases to make it strong and unique, and you should include numbers to make it even more secure. Keep in mind that you should never use the same Passcode/Password more than once.
You must choose:
- a personal Passcode/Password made up of letters and digits only. It must be between 8 and 16 characters long
- a Registration/Security Number exactly 5 digits long.
Make your security details harder to guess.
- Don’t choose a code that includes repeated characters, e.g. 1111aaaa.
- Don’t include sequential characters, e.g. 23456789.
If someone finds out your security details
If you think someone may know your security details, you should change them immediately. Please visit our Online Banking guide to learn how to change your security details.
Alternatively, you can contact us
Our website's secure areas
We only request and display personal information about you and your accounts and dealings from secure areas of our site.
The same security measures, including data encryption and passwords, apply to all our online application and transactional processes. These services are also protected by firewalls. This technology monitors and prevents any unauthorised access to our computer systems (where personal data is kept), which means unauthorised people can’t access account and personal details.
Our golden rules for safe Mobile and Online Banking
To help you keep your Mobile and Online Banking activity more secure, we recommend you follow some sensible rules.
Your security details
Keep your security details safe at all times and avoid writing them down.
Never tell anyone what they are, even if you share a joint account with them. Don't even tell a Santander employee. While we might ask you to confirm certain characters from your security details to identify yourself when you contact us, we’ll never ask you to tell us the entire thing.
Your home computer or device
- Try to keep your computer or device secure using anti-virus software and firewalls. You may want to research and compare anti-virus software packages from leading and reputable brands (such as McAfee and Norton) to make sure you get one that's right for you.
- Install the latest security updates to your system software as they become available. By keeping them up to date, you’ll have the latest protection for the most recently found viruses.
- Always access the Santander Online Banking service by typing in the exact address (santander.co.uk/logon).
- We also recommend downloading Trusteer Rapport. Rapport works alongside your existing anti-virus and firewall software to give you the more protection, even if your computer has a virus.
- Avoid sending your account or personal details by email because there’s a risk it could be intercepted on the way.
- Don't reply to or use links within emails asking for your personal security details. Nobody needs to know them except you, not even us.
- Be wary of ‘spam’ emails, especially those offering you the chance to make money and those pressuring you to take urgent action or to reset passwords or security details. Spam emails are, at best, an inconvenience (the electronic equivalent of junk mail) and at worst, sent by untrustworthy people trying to defraud you.
Here are some simple ways to check if an email is genuine or not.
- Is it from a person or company you recognise?
- When you hover over the sender's name or button, does the embedded link match the company? On a mobile device, you'll need to hold down and a pop-up will show you the link.
- Is the company's name spelt correctly? Does the email have poor spelling, grammar, or layout?
- Is there a sense of urgency or pressure for you to act with time-sensitive deals?
Using other computers or devices
- When you access your accounts or apply online, be extra vigilant and be aware of who can see your screen.
- Never leave the computer or device alone while you are logged on to Mobile or Online Banking.
- If you use a computer in an internet café or use a public Wi-Fi (wireless) internet connection, always make sure you log off successfully when you’ve finished and close down your internet browser once you've logged off. Simply disconnecting from the internet itself isn't enough. Learn more about how to avoid the risks when using a public computer
- Never save a password on a shared computer.
General guidance
- Online Banking customers are recommended to use programs to wipe their hard drives before they sell or give away their computer or device.
- If you get an email that claims to be from us asking you to click a link or provide personal information about your account, don't click on it or offer any details. Please forward these emails to phishing@santander.co.uk and run a virus scan on your machine.
- Check your statement regularly. If you spot anything unusual, please get in touch
- If you have any problems, our team is here to help. Please contact us for more information. Or you can visit your nearest branch
If you've been inactive in Online Banking for 5 minutes, we'll automatically log you off for your protection.