Apple Pay uses security features built into your device to help keep your details safe. To learn more about Apple Pay’s security features, see here.

Like all payment types, criminals can find ways to exploit systems and victims to commit fraud, and the chance of recovering losses is low. At Triodos Bank, we’re here to help you stay informed and safe, so you can protect yourself from financial fraud.

The chance of recovering losses isn’t necessarily because of fraudsters exploiting these systems, so would recommend changing back or creating two separate sentences

1. Check your account regularly

Criminals can steal your debit card details in a variety of ways. Common methods include:  

• Data breaches: This happens when a third-party company that stores your personal and debit card information is hacked or the subject of theft.
• Phishing, SMSishing and Vishing: This is when criminals create a request which appears to be from a legitimate source, for example a ‘missed delivery’ text, but they are actually intended to steal your personal information.
• Card skimming: This is when criminals install or hack into a physical device to steal your debit card information, for example at an ATM or a Point of Sale machine.

Criminals can then load the stolen card details onto their device to carry out fraudulent transactions using your money. In some cases, they may wait months before making fraudulent transactions. We strongly recommend that you check your account regularly for any unusual or unrecognised transactions and contact us immediately using the phone number on your debit card, or at the bottom of this article if you notice anything out of the ordinary.

2. Contact us immediately if your device is lost or stolen

If your phone ordevice is lost or stolen, criminals can use Apple Pay to carry out fraudulent transactions. Be wary of using the same PINs and passcodes for multiple accounts. Ensure that sensitive data such as login information and passwords aren’t stored in places that a criminal could access if your device was lost or stolen.

If you lose an Apple Pay enabled device, you can remove your debit card from Apple Pay by placing your device in 'Lost Mode' via Find My iPhone or by 'Removing All Cards' on icloud.com.

Visit our FAQ on what to do if your device is lost or broken to learn more.

3. Be wary of requests for One Time Passcodes

For Apple Pay, one-time passcodes are sometimes used to authorise the linking of your debit card to a new device.

Criminals are increasingly exploiting one time passcodes (OTPs) to register stolen card details to fraudulent devices.

There has been a surge in online scams where victims are tricked into providing card details when purchasing goods advertised through social media platforms (for example Instagram and TikTok) or fake websites. Criminals are then able to link the victim’s card to one or multiple fraudulent devices, by convincing the victim to provide a one-time passcode to complete the purchase.

Genuine purchases will never require you to provide one-time passcodes.If Triodos requires authorisation for a purchase made online, we will send you a secure request to approve the payment through your Triodos Mobile Banking App (or Internet Banking if you do not use the Triodos App).

Remember: Triodos will never ask you to share a one-time passcode.