6. Pins and Password

This is an old version of the Code of Banking Practice. View the current Code

6.1 Pins and Passwords

 

 6.1 Pins and Passwords

  1. If PINs or Passwords are not issued to you in person or are not selected by you personally, the PINs or Passwords will be issued separately from any Card or other product or service with which they are to be used.
  2. Where PINs and Passwords are issued to you personally, we must be satisfied about your identity before allowing Cards to be issued or before you are given access to other PIN or Password operated services.
  3. We will inform you of the kinds of PINs and/or Passwords that are unsuitable. You must not use these PINs or Passwords. Unsuitable PINs or Passwords include:
    1. birth dates, months or years;
    2. sequential numbers (e.g. 3456);
    3. number combinations that may be easily guessed (e.g. 1111);
    4. parts of your telephone number;
    5. parts of numbers in the order in which they are printed on any of your Cards;
    6. other easily accessible personal data (e.g. driver licence, locker number or other numbers easily connected with you); and
    7. family, pet or street names.
  4. We will also inform you that you must safeguard your PIN or Password. For instance, you must:
    1. memorise your PIN or Password;
    2. not record your PIN or Password anywhere;
    3. not disclose your PIN or Password to anyone (including the police, bank staff or your family);
    4. ensure any authorised signatories on your account keep their own PINs or Passwords secure;
    5. take care to ensure no-one can see you enter your PIN at ATMs or when using EFTPOS; and
    6. report the disclosure or possible disclosure of your PIN or Password as soon as you are aware or suspect your PIN or Password has been disclosed.
  5. In addition, we will inform you that you should consider using a different PIN or Password for different Cards or equipment.
  6. We will conform to internationally accepted standards for methods of generation, storage and terminal security relating to PINs and Passwords, to ensure confidentiality and security for your protection.
  7. We will encourage third parties to maximise your PIN and Password security. For EFTPOS facilities on our own premises, we will ensure that new and replacement equipment is of a type that maximises your PIN and Password security.