You might not always be aware of it, but we spend a lot of time in the background making sure you're safe. Our security experts really are the invisible heroes of first direct - and they'll always be working to make sure you're kept perfectly safe.
It's our job as a bank to make sure both you and your money are kept safe, and so we've invested heavily in measures to make sure that happens. But if the worst were to come to the worst and you had money taken from your account as the result of a computer crime, we promise we'd repay it in full as long as you've followed the recommendations listed in our terms and conditions.
For a start, we use usernames and passwords to make sure we're dealing with you and only you. Online access to your account is only possible once you have verified yourself using the internet banking username, password and memorable answer. For this reason it is vital that you do not share your password and try not to use the same password for other services.
When you log in to Internet Banking, you are in a secure, encrypted session. This should be clear because the web site address begins "https://" and a closed padlock symbol will be displayed in the lower right hand corner of your browser. Customers using more recent browsers (e.g. Microsoft® Internet Explorer 7 or Mozilla Firefox® 2) will see the padlock in, or next to, the web site address bar.
For your added confidence, we use a special type of security certificate - known as Extended Validation SSL Certificates - on our secure sites. In newer browsers (e.g. Microsoft® Internet Explorer 7 or the latest version of Mozilla Firefox® 2), as well as seeing the "https://" and the closed padlock symbol, the address bar will turn green and display the name of the certificate owner - first direct Bank (HSBC Holdings Plc) in Internet Banking - and the certificate issuing party. This display helps you to identify genuine first direct content and makes it harder for a potential fraudster to make a credible copy of our web site. If you are using Microsoft® Internet Explorer 6 or other older browsers, you will just see the "https://" and the closed padlock symbol.
Encryption converts data into an encoded form before it's sent over the Internet. It stops unauthorised users from reading the information. Our use of 128-bit Extended Validation SSL Certificates provides added reassurance (to IE7 users) that they are on the first direct website and that data passing between us is encrypted to industrial standards.
Any email service within internet banking is similarly protected with encryption technology (unlike regular email which is not usually secure). Depending on browser settings, a pop-up window may appear to notify you that you will be entering a secured page.
If you forget to log-off or your computer remains inactive for a period of time during a session, then our system automatically logs you off.
We use many layers of security - for obvious reasons we're not going to disclose all of them (or we'd have to kill you etc etc), but we typically use the following:
After a number of incorrect attempts to log in, we disable online access to your account. To re-activate your account, just give us a call on 08 456 100 234.
first direct is a division of HSBC Bank plc. © HSBC Bank plc 2008. All Rights Reserved. Member HSBC 
Group.
Because we want to make sure we're doing a good job, we may monitor or record our calls. We hope you don't mind.
