JavaScript is required for this site to function.

customer care center

 

0860 654 222

       

banking

login



what is the Go Account?chargesratesget Money Back self service banking Terms of use FICA FAIS Terms & conditions NCA information


Terms of use

 

 

Online Security

When you entrust your money to Go Banking you expect us to look after it! We take stringent steps to ensure that ONLY YOU (or someone authorised by you) can gain access to your account(s). After all, we have to confirm your identity when you transact at Pick 'n Pay Stores, so naturally we need to take the same precautions when we communicate with a device or person electronically.

It is also important that information we pass to each other over the internet is secure. We need assurance that data and your account details are not disclosed to third parties on the internet. We also need to know that the device or person with whom we are communicating is who they claim to be.

Go Banking has implemented a solution that makes internet banking completely secure. Here are some of our security measures. Select the security component you would like to know more about from the Online Security list on the left.

Go Banking Internet Banking's standard security measures:


  • 128 bit encrypted Secure Sockets Layer (SSL) for all connections.
  • Conforming to international standards, this technology encodes information passing between an online user and a web server.
  • Randomly generated client identification (profile number).
  • Personal Identification Number (PIN), selected by the client.
  • Server safety (behind firewalls, regular checks, transaction limits): l All servers used for access to client data and transactions are
    behind firewalls and we have regular vulnerability checks in place.
  • A client profile is locked out after three incorrect PIN attempts.
  • Go Banking Internet Banking enforces transaction limits on
    transfers and account payments. Clients have the option of
    lowering these limits if necessary.
 
Additional security measures provided on Go Banking Internet Banking:

  • In addition to the PIN and profile number, Go Banking Internet
    Banking also requires a complex password. This means that Go Banking Internet Banking uses an alphanumeric password.
  • Having a password in addition to the profile and PIN provides
    additional security.
  • All information pertaining to client security access codes (PIN and password) is stored in an encrypted format and is thus known only to the client.
  • Profile numbers (these are not derived from client account
    numbers - for greater security these are randomly generated at time of issuance).
  • One time PIN: For any transactions over R1000.00 that a client wishes to make to any bank account in South Africa and that is not already pre-selected on the profile, an additional level of security is required. This is achieved by using Short Message Service (SMS) functionality via mobile phones in order to authenticate the client and authorise a third-party payment. The same security requirement allows clients to add beneficiaries to their profile.
  • When loading a new account on the Go Banking Internet Banking system or making a once-off payment to beneficiaries with accounts at any bank in South Africa, a reference number is sent via SMS to the client's mobile phone. This reference is then used to proceed with the transaction. (A great advantage of the SMS security feature is that the SMS reference number changes automatically each time the client uses Go Banking Internet Banking to add beneficiaries and make one-off payments). The option to reduce the R1000.00 transaction limit to zero via Go Banking Internet Banking is also available.

 

User authentication

Before you start using Go Banking's internet banking facility, you need to first contact the Go Banking Client Care Centre on 0860 654 222 to receive your profile number and PIN.

When you first use Go Banking's internet banking, enter your profile number and authenticate it by adding your PIN. In the interests of security you will also be required to create a password. From then on, whenever you bank online via Go Banking, you must enter your profile number, PIN and password.

In a further attempt to ensure that no one else accesses your banking details, Go Banking internet banking automatically terminates your online banking session if you leave your computer unattended for more than eight minutes. Leaving your computer unattended while you still have access to your banking details is much like leaving your wallet on your desk and gives unauthorised people access.

If either your PIN or password is entered incorrectly three times (or if you have forgotten either), they will no longer be valid. Rather a nuisance, as you have to contact the Go Banking Client Care Centre to arrange for another temporary PIN. But a little inconvenience is better than a big loss!

 

Encryption

When confidential information (e.g. profile number, PIN, password, account details and transactions) is transmitted over the internet, Go Banking encrypts it to protect it from unauthorised people.

What is encryption?

Encryption converts a meaningful message or other information into something meaningless to those without the authority to view it. It also allows an authorised person to 'decrypt' the message, ie to convert it back into its original form. Encryption and decryption make it possible to pass messages between two (or more) people/computers without allowing anyone else to understand them.

Obviously the internet has to use ultra-strong encryption techniques. Their effectiveness depends partly on knowing how the data is encrypted, and partly on the length and confidentiality of the keys used. These software keys lock/unlock your confidential information, just as a real key locks/unlocks a door.

Without knowing what key to use to decrypt protected information, a criminal would have to try every possible combination of bits to find it. This would probably need far more computing power than is available to the most sophisticated criminal syndicate - and would take longer than a human lifetime.

What kind of encryption does Go Banking use?

Go Banking doesn't encrypt information that is publicly available. Your online banking session, however, is protected by the highest level of security, provided by an internationally tried-and-tested encryption technique that is significantly stronger than the 40-bit-key industry standard.

Without getting too technical, our technique is based on Secure Sockets Layer SSL standard (of a similar strength to that used by other leading international internet banks) that encrypts information between your web browser and our banking World Wide Web server.

Traditionally vendors such as Microsoft™ and Netscape™ were subject to US export regulations, which prohibited the export of any encryption products stronger than 40 bit. At the end of 1997 these regulations were amended to allow approved financial institutions in certain countries to use web servers capable of 128-bit SSL connections. To be able to use this high level of encryption authorised financial institutions were issued with a special Server Gated Cryptography (SGC) certificate. SGC security functionality was possible only with a SGC-capable browser, such as Microsoft Internet Explorer 4.0 or higher (IE4/5) or Netscape Communicator 4.04 or higher.

How do I encrypt my secure communications with Go Banking?

If you have the browsers Microsoft IE 4.0 or higher, or Netscape Communicator 4.04 or higher (both of which are SGC-capable), you'll be able to access Go Banking's internet banking without any additional software. These browsers supply 128-bit encryption to Go Banking, and 40-bit encryption to non-banking sites that require encryption.

How do I know when my communication with Go Banking is encrypted?

If your browser is Microsoft IE4.0 or higher
To verify your 128-bit connection drag your mouse pointer over the lock on the status bar at the bottom of your browser. A pop up box will display 'SSL Secured 128 bit'. To establish encryption strength if the lock is not displayed view the site certificate contents in the 'Properties' option under the 'File' menu bar item, and then select the 'Certificates' button.

If your browser is Netscape Communicator 4.04 or higher
To verify the security of your connection click on the lock displayed at the bottom of the initial logon page. (Subsequent pages do not display the correct security information.) A 'Security info' page will be displayed with two options, namely 'View certificate' and 'Open page info'. When selecting the latter the page information, which includes the security status of the page, will be displayed. Ensure that the status is as follows: 'This is a secure document that uses a high-grade encryption key for US domestic use only (RC4, 128 bit)'. This information can also be viewed by selecting the 'Page info' option in the 'View' menu bar.

 

Site Certificate

If you want to be sure that you're at the genuine Go Banking internet banking site, look for our website signature, in the form of digital certificates. These confirm that you are connected to the correct site.

To use this facility always check the certificate to ensure that it is valid, as described above. Certificates have to be verified on the Go Banking internet banking site.

How to verify the Go Banking internet banking site certificate if you use a SGC browser:

The Microsoft IE4.x or higher browser allows you to view a site certificate from the 'Properties' option under the 'File' menu bar item at the top of your screen.

The Netscape Communicator 4.04 or higher browsers allow you to view a site certificate from the 'Page info' option under the 'File' menu bar item at the top of your screen.

Both the Microsoft Internet Explorer and the Netscape Navigator and Communicator browsers should display the following key information:

This certificate belongs to:
CN = gointernetbanking.co.za
OU = Technology and Operations
O = Nedbank Limited
OU = Member, VeriSign Trust Network
OU = Authenticated by SACA
OU = Terms of use at www.saca.net/RPA (c)00
L = Sandton
S = Gauteng
C = ZA
This certificate was issued by:
OU = www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
OU = VeriSign International Server CA - Class 3
OU = VeriSign, Inc.
O = VeriSign Trust Network
Serial Number: 78A1 7966 2330 6A50 16B1 D1CA 01C9 6A8C
Signature alg: md5RSA

 

Firewalls

Firewalling is a barrier between a sensitive internal network (as used by Go Banking) and the internet. Go Banking's state-of-the-art firewalls protect our computers and your data, reinforced by other high-security measures designed by experts and continually reviewed by specialists.

 

Safety measures:

  • Ensure that no one has unauthorised access to your PC and no person by means of physical presence can install unauthorised software on your PC. For example, password protection is a means of protecting your PC.
  • Ensure that you make use of only licensed software on your PC.
  • Wherever possible make sure that your operating system, browser and mail are running on the latest version and you have installed all the latest service packs and hot fixes.
  • Ensure that your mail client is configured not to allow system generated e-mails to be sent without your confirmation. This will prevent applications sending unauthorised emails.
  • Install recognised, anti-virus and desktop firewall software on home computers in order to protect against viruses and other malicious programs (including spyware). Update this regularly. This software is available from all leading computer suppliers.
  • Do not open suspicious or unfamiliar e-mails.
  • If possible install desktop firewall for spyware detection.
  • Ensure that you have control over the shared folders on your PC as a shared folder could make your PC vulnerable to unauthorised installation of suspicious software.
 
General safety tips when using Go Banking Internet Banking:

  • When accessing Go Banking Internet Banking make sure that you verify the site certificate.
  • Ensure that you are on the secure Go Banking Internet banking website by checking that the URL begins with "https" rather than"http".
  • Always ensure the secrecy of your Profile number, PIN and Password.
  • Never disclose your PIN number and Password to anyone. This information is stored in a manner that bank employees cannot access.
  • Regularly change your PIN and password.
  • Make sure that you log off and close your browser after banking online.
  • As an added security measure, Go Banking Internet Banking makes use of a cryptographic generated reference number which is sent to you via an SMS on your mobile phone. This feature ensures two-factor authentication when performing selected functions.
  • Your electronic banking profile number is not a derivative of any of your bank account numbers.
  • Check your statements regularly for any unauthorised entries.
  • Ensure that your daily transaction limits are at a level that suits your needs and that the limits are not higher than necessary.
 
For further information on Go Banking Internet Banking security, click on the 'Online Security' link on the logon page or contact the Go Banking Client Care Centre on 0860 654 222.