BMO Financial Group - Your Security. Our Priority.
  close  

Your Security. Our Priority.

 
 
 
 
 

A Few Words on Security

We work hard to protect your confidential information and privacy when dealing with us online. A secure login process and strong encryption are only the first steps in helping to prevent others from accessing your account information online.

When you connect to the Internet, the Internet also connects back to you. Even before you connect to the Bank's web site, someone out there could potentially get access to your computer. Also, as you surf the Internet, there is a trail of information left behind.

The Canadian Banking Association offers monthly fraud prevention tips via e-mail. Find out what you can do to protect yourself by signing up today to receive their tip of the month.

 

Online Banking Guarantee for Personal Banking Customers

For nearly 190 years, BMO Bank of Montreal has been committed to the privacy and security of customer information.  In any business, confidentiality of information is important; in financial services, it is critical. We continually strive to do our utmost to ensure your information is protected.

Our promise: We will reimburse you 100% of any losses to your Personal Banking accounts resulting from unauthorized transactions through Online Banking.  For complete details of your obligations and responsibilities, please refer to our Bank of Montreal FirstBanking Automated Services Agreement.   This guarantee is provided by BMO Bank of Montreal only to personal banking customers in connection with its Online Banking service.

Back to top

Security Considerations for Safe Online Banking, Investing, Credit Card and Insurance services

What We Do

Some of the security measures we have in place to help protect you when using our Online Banking, Investing, Credit Card and Insurance services include:

  • Strong encryption technology to help ensure that data passing between your PC and our web server is secure, therefore you must have a browser that supports this level of encryption (in technical jargon: 128 bit encryption)
  • Digital certificates issued by trusted third party companies to let you know that our site is secure and genuine
  • Automatic log out after 10 minutes of inactivity
  • Firewalls to protect your information with us

What We Don’t Do

  • We never send you messages asking you to provide us with personal or account information via email (see email scams and “phishing” for more information). Please keep in mind that email messages are not encrypted and therefore, subject to being intercepted and read by third parties.

What You Can Do

Here are some of the security measures you can take to protect your confidential information when you use the Internet:

1. For Online Banking, Online Investing, Credit Card and Insurance Security

Do The Following:

  • Always verify the Bank's web site name in the "Address" (Internet Explorer) at the top of the browser, for example: www.bmo.com, www.bmoinvestorline.com, www.bmo.com/mosaik or www.bmolife.com
  • If you use Interac®* Email Money Transfer, you will be asked to click on a link which will redirect you to a secure gateway. Please check the web site address or location (the URL)
  • If you need to send us confidential or personal information, sign into your secure session and follow the instructions in the “Contact Us” link at the top of the page
  • Keep your debit and credit cards and passwords/PINs (Personal Identification Numbers) safe. Do not divulge your passwords/PINs to anyone
  • Change your passwords regularly following guidelines on how to choose a strong password
  • Always log off to end your secure session. We will automatically log you out of a secure session left idle for more than 10 minutes
  • Once logged off, delete all traces of your secure session from the memory of your computer. Learn more about how to clear your cache
  • Make sure nobody watches you if you are using any of our secure services (e.g. Online Banking, Online Investing, Mosaik MasterCard services or BMO Life services)

Avoid the following:

  • Using software that "memorizes" passwords. Yes, we know, it's convenient, however, somebody else might be able to use them too
  • Leaving your computer with a secure session running. We will automatically log you out of a secure session left idle for more than 10 minutes. Any unfinished transactions will not go through
  • Sending confidential or personal information through email, as it is NOT a secure method of contact
  • Using a computer in a public place (for example in a library or an Internet café) to conduct financial transactions with us – protect your privacy and understand the risks of using someone else’s PC for your secure sessions

2. For General Computer Security

Take these steps:

  • Be sure to scan your PC frequently with an updated version of antivirus software. Nowadays, antivirus updates come out at least once a week
  • Consider using a personal firewall. You can use either software-based or hardware-based firewalls. Learn more about personal firewalls
  • In order that your home network remains private and secure, please ensure you have changed the default password associated with your router. Additionally, if you use a wireless router, please ensure you have enabled the appropriate encryption and security options. For assistance with these matters, please consult the documentation provided by your router’s manufacturer, or visit the manufacturer's website.
  • Protect your computer, especially if you are using a cable modem or DSL connection by disabling file sharing in Windows products
  • Update your PC’s operating system and the browser with security patches on a regular basis. Check Microsoft's Windows O/S and Internet Explorer frequently for recently published security patches
  • Back up your data regularly

Avoid the following:

  • Sending any confidential information (including SIN, account numbers, passwords, PINs) via regular email. If you need to send us confidential or personal information, sign into your secure session and follow the instructions in the “Contact Us” link at the top of the page
  • Accepting files or attachments when accessing websites, newsgroups or chat rooms, unless you are very sure of their authenticity

3. For General Financial Services Security

Do the following:

  • Report stolen/lost cheques, credit and debit cards immediately
  • Review your monthly financial statements and report any discrepancies and/or unusual account activity
  • Sign your debit/credit card as soon as you receive it

Avoid the following:

  • Sending us information regarding your account numbers, credit card numbers and/or PINs and passwords via email

Remember:

  • Emails are not encrypted

Back to top

Beware of software downloads with offers of “free services”

Organizations that capture information about usage and buying behaviour patterns on the Internet are now emerging. Some of these organizations monitor individual Internet activity through software downloaded to your personal computer or on a public computer you use.

This includes everything you type on your computer: your card numbers, account numbers and passwords. It also includes the personal and confidential information on the secure pages that you browse and the personal and confidential information you provide when you use our otherwise secure online applications (e.g. loan applications, mortgage applications and online account opening applications).

You may have knowingly downloaded this software in exchange for free services, or you may be unaware that it is on your PC (for example, if you download several software programs bundled into the same download).

“Beware” of downloading software with offers of “free email virus protection” or a “no cost Internet accelerator” or other such enticements if you have to give up your privacy and the security of your online financial transactions. These offers can result in a third party company monitoring your Internet activity.

Understand the risks – don’t compromise your privacy and online security

Some of these companies monitor all of your Internet behaviour, including your normal web browsing and the activity you may have through secure sessions, such as shopping or filling out an online application form that may contain your personal financial information.

When you access our secure online services (e.g. Online Banking, Online Investing or Online Credit Cards services) on PCs that have this monitoring software installed, your otherwise secure session information runs through third party computers and gives the third party access to your confidential information.

We do what we can to provide you with a safe and secure online environment. We also need you to take the appropriate measures to secure your personal computing environment. We strongly recommend that you avoid using computers with third party monitoring software installed when you conduct your online financial transactions with us to safeguard your privacy.

Removing Third Party Software from your computer

Removing such software from your PC can be difficult. We suggest that you install and run spyware detection software*. For more information on removing spyware from your PC, search the keyword “spyware removal” through any of the following:

“Marketscore” and “Netsetter” are two known examples of Internet usage monitoring programs. Although they may not strictly qualify as “spyware”, we do not recommend that you use PCs to conduct financial transactions with us when “Marketscore” and/or “Netsetter” software is installed.

*Please note that removing third party software from your PC can be difficult. You may want to consult a trusted third party that specializes in computer maintenance and repair for assistance.

Back to top

How to Protect Yourself from “Phishing” and Email Scams

You may have experienced or read about recent incidents of unsolicited email messages masquerading as legitimate companies that trick recipients into divulging personal and financial information.

These “phishing” (also called "brand spoofing") emails send you to web sites pretending to be legitimate companies that ask for your personal and financial information.

At no time do members of BMO Financial Group request personal or financial information by sending out unsolicited emails. You should never send personal identification numbers or other personal confidential information by email as it is not a secure method of contact.

How The Scams Work

A common email scam uses unsolicited email to deceive consumers into disclosing confidential personal information. The deceptive email suggests clicking on a link or attachment for any one of the following reasons:

  • Change / update to personal information
  • Contests
  • Possible suspension of client cards or accounts
  • Application for products

After clicking on an attachment or link from the unsolicited email, the user is taken to a bogus site that requests confidential personal information, which could include:

  • Bank Card Numbers/User ID's
  • Account Numbers
  • Personal Identification Numbers (PINs)
  • Credit Card Numbers
  • Social Insurance Numbers
  • Other Personal or Private Information
  • Passwords

How to Identify the Scam

There are some commonalities that can help you identify the scams:

  • They are designed to mimic the look and feel of a genuine site
  • They are most commonly sent out through unsolicited emails, containing links or attachments
  • The Web address will often have the @ symbol or a numeric address (eg.123.456.1.2). The address may also include the word, phrase or text 'bmo' to make it appear authentic.

How To Help Protect Yourself

It is important to understand that there are ways in which you can help protect yourself from email fraud and web sites that request your personal or banking information:

  • If you receive an email pretending to be from a member of BMO Financial Group that asks for personal or financial information, do not reply or click on the link in the email. To ensure that the email is legitimate, contact us immediately:
BMO Bank of Montreal Online Banking: 1 888 725-9801
BMO InvestorLine: 1 888 776-6886
BMO Nesbitt Burns: 1 877 873-7664
BMO Mutual Funds: 1 800 665-7700
BMO Harris Private Banking: 1 800 844-6442
Mosaik MasterCard: 1 800 263-2263
  • Always enter your BMO Financial Group web site using your bookmarks or any of our published URLs.
  • Review your financial statements regularly for unauthorized or suspicious transactions.
  • Never send personal and/or financial information via unsecured email.
  • Do not trust email headers. They can be easily forged.

Back to top



How to Protect your Debit Card and PIN

Canadians use debit cards millions of times a day at banking machines and point-of-sale terminals to access their accounts and make purchases.

About debit card usage:

  • Debit card use is an extremely safe banking process - debit card fraud affects only a small percentage of accounts.
  • BMO Financial Group has sophisticated security systems and fraud teams in place to protect your accounts.
  • In the unlikely event that debit card fraud does occur, in circumstances beyond your control, your accounts will be reimbursed.

Taking steps to protect your debit card and PIN will help reduce your own risk of being a victim of fraud.

Here are some tips to help protect your debit card and PIN:

  1. Change your PIN often to protect your financial information. You can now change the PIN on your BMO FirstBank Card and Mosaik MasterCard at any BMO ABM, 24 hours a day, 7 days a week.
  2. Use your hand or body to shield your PIN when you are conducting transactions at an Automated Banking Machine (ABM) or at a point-of-sale terminal.
  3. Never let your banking card out of your sight when conducting a transaction at a point-of-sale terminal. Always remember to take your banking card and transaction record with you once your transaction is completed.
  4. Regularly check your statements and balances to verify all transactions have been properly documented. If entries do not accurately reflect transaction activities, for example, if there are missing or additional transactions, you should contact your BMO Bank of Montreal branch immediately.
  5. If your banking card is lost, stolen or retained by an ABM, notify your BMO Bank of Montreal branch immediately.
  6. Your banking card and PIN are the keys to your account(s). Never disclose your PIN to anyone … not even us. You are the only person who should know it.
  7. Memorize your PIN - it's your electronic signature. If you suspect that someone knows your PIN, change it immediately or contact your BMO Bank of Montreal branch to cancel the card.
  8. When selecting your PIN, never use obvious information - such as, your telephone number, date of birth, address or social insurance number.

For further information, you can also visit the following sites:

Canadian Bankers Association
Interac®* Association



Back to top