You are viewing
New safety measure in the Android version of the Dah Sing Mobile Banking and 328 Business Mobile Banking
Starting from 26 May 2024, if we detect your Android device is at risk with apps installed from sources other than your phone's official app stores* and granted excessive permissions for these apps, your access to the Dah Sing Mobile Banking and 328 Business Mobile Banking from this device will be suspended to ensure your account safety.
Check the accessibility settings on your device and assess which app permission is necessary. When in doubt, delete them or turn off the accessibility settings for those apps (Go to device settings > Accessibility).
*Official App Stores include: Google Play Store, Samsung Galaxy Store, Huawei App Gallery, Xiaomi GetApps, LG SmartWorld Store, Amazon App Store, OPPO App Store, VIVO App Store, Meizu App Store, OnePlus Store, HONOR App Market.
We provide the following measures to ensure your banking information and account details are secure when you are using our e-Banking service:
Transport Layer Security (TLS) Encryption
TLS encryption is employed to ensure confidentiality. TLS is an updated and more secure version of Secure Socket Layer (SSL). It is an internationally recognised standard for information security. All data and information transmitted between you and our Bank through the Internet is encrypted by TLS encryption.
Firewalls
We also use firewalls to protect the inside of Dah Sing Bank's systems by refusing any unauthorised access.
Automatic time out
Online services will be automatically logged off when there is no activity for 10 minutes (for Dah Sing e-Banking (e-Banking), Dah Sing Mobile Banking (Mobile Banking), Dah Sing i-Securities (i-Securities) or Dah Sing Securities Trading (Securities Trading)) and 15 minutes (for 328 Business e-Banking or 328 Business Mobile Banking) in order to reduce the risk of others accessing your information from your unattended computer.
The Validity of Dah Sing e-Banking, Mobile Banking or Phone Banking Services
For security reasons, customers who haven't logged into e-Banking service, Mobile Banking or Phone Banking service for the past 60 consecutive months (i.e. 5 years) or above, all such e-Banking, Mobile Banking and Phone Banking services will be cancelled. To apply for such services again, you should visit our branch in person.
Security Team
To fight against computer hackers, Dah Sing Bank Security Team keeps track of any attempts to break into our security systems in order to ensure safe security.
Last Login Information
e-Banking, Mobile Banking, i-Securities, Securities Trading, 328 Business e-Banking or 328 Business Mobile Banking services also provide you with the information required for you to stay vigilant. Each time you log in, we provide information related to your last login session. If you find any discrepancies, please contact us immediately.
Channel for you to report actual and / or suspected security incidents
You should promptly call our Security Incident Hotline at 3101 3111 to report the incidences if you notice any unusual activities in your accounts (e.g. find or believe their PIN or devices have been compromised. Lost or stolen or that unauthorised transactions have been conducted over your account etc.).
To avoid unauthorised access to your account(s), you should refer to the security advice provided by us from time to time and pay attention to the following points:
Access your e-Banking / Mobile Banking service
Personal Identification Number (PIN)
You should log into e-Banking or Mobile Banking service by entering the correct combination of your e-Banking Login ID or User ID and Password. For security reasons, the system will log the number of login attempts, your e-Banking or Mobile Banking service will be temporarily suspended if you incorrectly key in your PIN for 3 consecutive times after the first input of incorrect PIN. You are required to contact us to resume the service during office hours.
Your only way to access 328 Business e-Banking or 328 Business Mobile Banking is to provide the correct combination of your Group ID, User ID, PIN and SMS One-time Password or fingerprint, Face ID, facial map or security passcode (if you have activated Security Authentication for 328 Business Mobile Banking). For security reasons, your PIN will be temporarily suspended if you repeatedly key in your PIN wrongly and exceeded the preset maximum number of login attempts. If you forget your password, you may refer to the solution under the section of "328 Business e-Banking FAQ".
Protect your PIN, One Time Password (OTP) and personal information
The PIN (including password for e-Banking, Mobile Banking, i-Securities, Securities Trading, 328 Business e-Banking, 328 Business Mobile Banking etc.) is used to secure your online transactions on e-Banking, Mobile Banking, i-Securities, Securities Trading, 328 Business e-Banking, 328 Business Mobile Banking, etc. And the One Time Password (OTP) is to validate your personal identity or authorize us to process specific banking services. You should take all reasonable steps to keep the PIN, OTP and any other devices (including but not limited to personal computers and mobile devices) used for accessing the e-Banking, Mobile Banking, i-Securities, Securities Trading, 328 Business e-Banking or 328 Business Mobile Banking safe, secure and secret to prevent fraud. In particular, you shall:
Never disclose your Password and personal information
We will never contact you and ask you for your Password and personal information for e-Banking, Mobile Banking, Phone Banking or ATM services through any means such as email, over the phone or in person. These include your Login ID or Group ID, User ID, Password, account number, credit card number, identification or passport number, address, phone number etc. Watch out for suspicious phone calls, email messages, SMS or phishing sites requesting for passwords and / or other personal information. On the other hand, we will never disclose such information in our emails other than your name for personalisation purpose, nor ask you to confirm any personal data by replying to our email.
Protect your computer
Protect your online transactions
Email and SMS are one of the main communication channels for both personal and commercial dealings. Nowadays, fraudsters may use fraud email and SMS or hack into victims' email accounts, computer or mobile device and cheat victims by all possible means to make remittances, credit card information, password, etc. to them. Some victims have suffered significant losses from such email or SMS scams. You should stay alert to suspicious emails / SMS and raise your awareness in preventing this kind of scam, such as taking the initiative to confirm the true identities of recipients by telephone, facsimile or other means before effecting remittances or transactions so as to prevent such kind of scam. Please read "Security measures to be taken by you" and preventive measures to mitigate the risk of hacking.
Please also note the following common characteristics of phishing emails.
Protect your Personal Digital Keys. Beware of fraudulent links
Protecting you from scam: SMS Sender IDs start with prefix "#" to indicate sender is registered
To help you detect scam SMS, we have implemented new security measures. Beginning on 28 Jan 2024, the majority of our SMS message will be sent using a "Registered Sender ID" that starts with "#". The presence of the "#" prefix guarantees that the SMS is sent by a verified and authorized sender. This will aid you in identifying potential fraudsters and phishing attempts through SMS message.
Please take note of the following enhancement we have made to combat phishing scam SMS:
The above measure is not applicable for.
Identify frauds and cyber pitfalls
Should you have any doubts on telephone number, email address, web address, platform account name or number, payment account etc, please use "Scameter" to assess the risk of fraud and cyber security. Learn more "Scameter" from the promotional video.
Make sure you are connected with us
Recently, there are some fraudsters sending phishing emails and SMS to customers of financial institutions. Such phishing emails and SMS will direct you to websites that mimic the look of the financial institution's website to capture your usernames, PIN and other personal information, credit card number and confidential banking information. Thus, it is important to make sure that you are connecting with us. To stay away from connecting with a fake website, never start an e-Banking, Mobile Banking, i-Securities, Securities Trading, 328 Business e-Banking or 328 Mobile Banking session through hyperlinks embedded in emails, Internet search engines, suspicious pop-up windows or any other doubtful channels. Always key in our website address www.dahsing.com directly from your browser to log in or select from your favourite if you have already added www.dahsing.com to your list of favourite Internet sites. This will prevent you from being sent to a fake website. Remember: No email or SMS from us will contain a hyperlink to our e-Banking, Mobile Banking, i-Securities, Securities Trading, 328 Business e-Banking or 328 Mobile Banking login page.
To ensure that you are connecting with Dah Sing Bank, look for the closed security padlock of your Web browser before you enter your User ID and Password or important personal information. A closed security padlock indicates a secure connection. Clicking the closed padlock will show you the digital certificate details.
Sample screen shot of Internet Explorer's certificate for your reference:
Dah Sing e-Banking
328 Business e-Banking
Note: After clicking the security padlock and you find the certificate contains any message different from what is illustrated above, please contact us for more information or assistance.
To prevent logging into to the fraudulent online services, please do not click any link in emails or from other websites for logging into Internet banking services.
If you find the website of the bank suspicious, you should not enter any information (including usernames, PIN) to the website and contact us immediately.
Security Tips for Mobile Banking, Securities Trading, 328 Business Mobile Banking and Security Authentication
Secure Access and Usage
Protect your Mobile Device
Safe Usage of Security Authentication
For further information, please click here to access the Government's Cyber Security Information Portal.
Security Tips for "FPS" Service
You should take the following security measures for using "FPS" Service, including:
Security Tips for WeChat Pay Hong Kong
You should take the following security measures for using WeChat Pay Hong Kong, including:
It has been our policy and priority to safeguard any information provided by you. We will strictly comply with the requirements of the Personal Data (Privacy) Ordinance. That means the internationally recognized standards of personal data protection will be followed or even exceeded where possible. It has been our commitment to train and enforce our staff to practise this Privacy Policy.
When visiting our website, we collect no personal data from you for only browsing, except updating the statistics on the number of visitors. Throughout the website, only the necessary information for applications or enquiry will be collected and you will be informed of the purposes and uses, retention period, possible transfer and disclosure and the right of access to and correction of the collected information on the respective screens. In order to ensure the security and confidentiality of personal data we collect, encryption techniques have been applied for data transmission. We will not collect any information from you without notice.
Once we obtain your personal information, only the authorised staff are permitted to access to that information and such information will not be revealed to any external organisations without your agreement unless it is required to do so by law. From time to time, we may send promotional materials regarding our products to you according to the collected information. We will stop sending the materials to you when you show us you preferences by writing or talking to us.
When you visit our website or click on our online advertisements, cookies would be stored in your device. "Cookies" are a small-text file retrieved by the site, as part of our interaction with your browser. We use "Cookies" to capture the information of your web pages visited, session identifiers and language preferences of Internet Banking login site while no personal information is captured in the "Cookies". The information gathered by "Cookies" may be used for session management, storing user preferences and tracking of web traffic statistics in which web visitors have visited and are interested in. Most web browsers are initially set up to accept "Cookies". You can choose to "not accept" by changing the settings on your web browser. If you disable "Cookies" in your web browser, you will not be able to log into Internet Banking and access some of the site functions. No personally identifiable information will be transferred to third-parties.
For further information, please click here.
We will continuously assess ourselves to ensure that our customer privacy is properly respected and protected. For details, please refer to the Notice to Customers relating to Customers' Data. Should you have any questions, please write or talk to our Data Protection Officer:
Dah Sing Bank Limited, GPO Box 333, Hong Kong
Fax: 2511 8566
*The Chinese version of this Internet Security is for reference only. If there is any conflict between the English and the Chinese versions, the English version shall prevail.
For Hong Kong Monetary Authority (HKMA) Major Tips on Protection of Your Computers and Mobile Phones, please click here.