As you'd expect from a bank, we take security very seriously - here are some things we do to keep you safe. To help you spot fraud, we’d also like you to know the things we’d never do.

What we do

• Provide around the clock debit card transaction monitoring.
• Provide 24/7 phone support to answer your questions about your debit card.
• Give you the ability to block your card in the Triodos App or Internet Banking.
• Temporarily block accounts and debit cards if fraudulent activity is suspected.
• Automatically log you out of Internet Banking and the app after a period of inactivity.
• Keep you up to date with fraud protection advice.
• Send text alerts when online or card transactions are made.
• Temporarily suspend your Internet Banking if left dormant for a long time.
• Monitor payments to assess whether the payment you are making is likely to have been made as part of a scam.

What we’ll never do

We will never contact you out of the blue to ask you:

• For your mobile app passcode.
• For your digipass PIN.
• For your card number or PIN.
• To transfer money out of your account.
• To click a link in an email to our Internet Banking.
• To download any software onto your PC or mobile phone.
• To authorise or cancel card payments through the app, or approve “refunds”.

If in doubt, call us on the number on our website, or delete the email without opening it.

Learn more about how to stay safe online or visit the action fraud website.

Bank impersonation fraud is when a fraudster impersonates someone from the bank in order to trick a victim into making payments to a fraudulent account.

What a fraudster might do:

• A fraudster usually calls their victim, though may use email or another contact method. It’s likely they already know information about the victim, including their name and who they bank with.
• While impersonating the bank staff member, the fraudster might tell the victim their account is under threat and they need to make payments to a “safe account” or set up payments in order to “block the funds”.
• The fraudster might ask for details from the Digipass so they can access the account and make payments to the fraudulent account themselves.
• The fraudster might ask the victim to download screen sharing software so they can view or control the victim’s computer. This can make it easier to take control of the account.
• In any scenario, the fraudster will foster a feeling of panic in order to get the victim to comply with their requests as quickly as possible.
• Fraudsters might also impersonate other well-known, trusted companies such as Microsoft, Apple, BT or HMRC.

What Triodos Bank will never do

• We’ll never call you to tell you to log into internet banking or to make a payment to a “safe account”. If we believe your account to be under threat, we can block the account ourselves and do not need you to do anything from your end.
• We’ll never ask you for your full Digipass number or your Digipass PIN.
• We’ll never ask you to download any software onto your PC or mobile phone.

What you can do to protect yourself

• Never give out your personal details to someone who has called you unexpectedly.
• Never download any software onto your PC or mobile phone when asked by someone over the phone or by email – even if you think you are speaking to a trusted organisation.
• Never give anyone your Digipass number or your Digipass PIN. Triodos will never ask for this information.
• Do not let someone else use your Digipass – even a colleague or family member. Your Digipass is assigned to you as an individual and must only be used by yourself. If you leave your place of work, please let us know and we can arrange for your Digipass to be cancelled.
• If you are unsure about someone who has called you claiming to be from the bank or another company, hang up and call back on the company’s published telephone number.

For card related fraud, block your card in the Triodos Mobile Banking App or in Internet Banking. Then, please call us on 0330 355 0355 (or +44 (0)1179 739339 if calling from abroad) to speak to our 24/7 card services department.

For other fraud issues and queries, we're available 8am-6pm Mon-Fri (9am-6pm Thu), and 10am-4pm weekends.

We’ll ask you for all relevant information related to the scam, loss or theft and in some cases may ask you to report this to the police.

We’ll advise you on any next steps, and we may provide you with advice to help keep your account secure whilst we investigate.

Where Fraud is confirmed you should also report it to Action Fraud – the UK’s national fraud and cyber crime reporting centre:

• Call: 0300 123 2040
• Report it online: actionfraud.police.uk

If your card or security details are used to make a payment or transfer without your permission, we will refund the full amount (minus £35 where applicable) of the payment as soon as is operationally possible. This includes repayment of any interest or charges incurred as a result of the payment. However, you must notify us as soon as possible and no later than 13 months after the debit date. After this time we will not be able to issue a refund.

You may have to pay up to £35 if:

• Your card is used after being lost or stolen
• You fail to keep your security details safe

You may be responsible for money taken from your account up until the point you report it to us, if you:

• Don’t keep your card or security details secure
• Don’t tell us as soon as possible that your card is lost or stolen
• Share your card, digipass or security details with a third party
• You were aware that your account had been compromised at the time that the payment was made and you failed to tell us.

You will not be responsible if you’re unable to notify us because our phone lines are unexpectedly unavailable or closed, as long as you call us when our lines open the next day.

In order to safeguard your personal information and money we require a three stage login process for internet banking, one of which involves the use of a digipass. This is similar to the card reader facility at some other banks and is used along with other systems to ensure your finances are kept safe. We constantly review our security measures and publish guidance on steps that can be taken to prevent fraud such as the Take 5 campaign through FFA UK.