Financial Crime World

Secure Internet Banking Authentication with Swedbank

=====================================================

To maintain the highest level of security for its customers, Swedbank has implemented a system for reporting any unauthorized transactions or suspicious activity in account statements.

Reporting Unusual Activity

If you notice any unusual transactions in your account statement that were not authorized by you, please contact us immediately:

  • For private clients, call 6310310
  • For business clients, call 6132222

Secure Communication Channel

Swedbank encourages customers to report any security flaws or vulnerabilities they may have found in its electronic channels. To facilitate this process, the bank has established a secure email address: responsible-disclosure@swedbank.com, where customers can submit their findings.

Reporting Security Flaws

When submitting a report, please provide detailed information about the vulnerability, including:

  • The URL and type of flaw
  • Any relevant screenshots
  • Contact information (name, email, and phone number)

Swedbank will acknowledge receipt of the report and keep the customer updated on the status of the issue until it is resolved. Additionally, the bank assures that no compensation claims will be accepted for reporting security flaws.

Best Practices

To ensure the security of their data, customers are advised to follow these best practices:

  • Do not use vulnerabilities to access or attempt to access information that does not belong to you.
  • Do not use vulnerabilities to remove or modify information.
  • Do not affect the availability of our services.
  • Give us an opportunity to fix the reported vulnerability before going public with it.

Anonymity

While Swedbank allows customers to file reports anonymously, please note that the bank will not be able to respond or keep you updated on the status of your report if you choose to remain anonymous.

PGP Key

For added security, customers can use Swedbank’s public PGP key (Key ID: 0x0AD6CCAF) to encrypt their emails when reporting security flaws.

Security Tips

To stay safe online, Swedbank advises its customers to:

  • Update their browser and operating system versions as soon as updates are released.
  • Avoid sharing personal authentication means.
  • Keep their data (User ID, PIN codes, mobile phone number, etc.) confidential.
  • Never send authentication data by email or disclose login information unless initiated by the bank.

Smart-Id Security

When using Smart-ID, customers should:

  • Not keep User ID numbers together with authentication means and their confidential codes.
  • Never disclose personal numbers and authentication means by phone.
  • Always compare control numbers and read “see what you sign” if available.

By following these guidelines and reporting any security flaws or unusual activity, Swedbank aims to provide a secure and trustworthy online banking experience for its customers.