Safeguard your Account

Nobody knows your account better than you. That’s why you should never share your debit card details, internet banking user credentials with anyone over the phone, SMS or email. GTBank UK is continuously developing and implementing security enhancements to ensure the integrity of our internet banking platforms. Our goal is to protect your online safety, the confidentiality of your customer account and personal data.

Learn more about protecting yourself online, how to spot fraudulent e-mails and Web sites.

Security Tips

  • Giving away your internet banking login, card details, PIN and codes from your token device, gives anyone total access to your account. GTBank UK will never ask for any of these details via any form of communication
  • Keep your ATM cards safe and do not share your personal identity number (PIN) with anyone. Do not keep any written copy of your PIN with your card. Memorise it.
  • Seeing a phone number or email address you recognise does not mean it is genuine. Always give cold-callers a cold reception
  • Use your hand or body to shield your PIN when you are conducting transactions at the Automated Teller Machine (ATM) or when making Point of Sale (POS) transactions at retail stores.
  • Check your bank account statements and card transactions regularly to make sure these only reflect transactions you have made. If you see a transaction you cannot explain, report it to the bank.
  • Always log on to our internet banking service via our website – www.gtbankuk.com
  • Watch out for copycat websites. Don’t fall prey to any website that looks similar to GTBank UK’s website. Check the URL carefully. (https://)

Recognising Fraud

You are the first and best layer of defense in combating online fraud. Learning to properly detect and avoid online scams is the ultimate protection against fraud. Read the tips below to help you spot potential scams. Online fraud typically takes the form of fraudulent e-mails and Web sites. These forged means of communication often use corporate logos, colors and legal disclaimers to make them appear authentic.

Fraudulent E-Mails

Fraudulent e-mails are the most common avenue of online scams. A “spoofed” e-mail is one that purports to be from a reputable source in an attempt to trick you into divulging personal or account information, sending payment, or otherwise taking an action that will result in fraud. These attacks are common because they are low-tech and can be easily deployed on a massive scale. Even though the warning signs are there, “phishing” and scam e-mails continue to fool people. Some of these mails also request that customers update their account records by clicking on links to fake Internet banking and Interswitch websites.

Spoofed Websites

Spoofed Websites, like phishing e-mails, are used by fraudsters who build fake websites that look very similar to GTBank UK’s website to lure unsuspecting customers into submitting their online banking log-in information and card details which are later used to access such accounts. Spoof Websites allow fraudsters to collect such sensitive information as internet banking account and ATM card details.

GTBank UK will never ask a customer to provide, verify or update their personal, account or financial information via email or pop-up windows. This includes: Passwords, Personal Identification Numbers (PIN), or ATM or Debit Card numbers. If you receive an email requesting such information, do not respond and never click on a link contained in a suspicious email.

Phishing

Phishing involves the use of fraudulent email or browser pop-up messages that appear to be from a legitimate source, often using a company name, logo and/or graphic. A typical scam consists of:

  • Receipt of an email message stating you need to update or validate your account information.
  • The message suggests a dire consequence, such as your online access expiring or being suspended, if you do not respond.
  • Via a link in the message, it directs you to a Web site that looks legitimate, but is not.

The intent is to trick you into divulging personal information, such as your account number, User ID or Password so they can commit crimes of a monetary nature or identity theft. It may also be an attempt to deliver and install malicious code (malware) that can harm your computer.

How to avoid falling for Phishing Scams

Never open any email unless you know who the sender is. The very act of opening an email can infect your computer with malware. Be skeptical of every email you get, and never click on suspicious links, or download suspicious attachments. If all else fails, call your bank.

Pharming

Occurs when you enter a Web address but are redirected, without your consent or knowledge, to a fraudulent site that looks similar to a legitimate site. The intent of the fraudulent site is to capture confidential information.

Skimming

“Skimming“ is a method by which thieves capture the magnetic stripe data from your card and use it to create a new, counterfeit card. These counterfeit cards are then used to process unauthorized transactions against your account. There are two main methods of skimming card information:

A small device that appears to be a part of the machine is placed over the card insertion slot of an ATM, gas pump, or other self-service kiosk. As you slide your card into the ATM, this device “reads” the data on the stripe and either stores it or transmits it to a nearby location. Often times, there is also a small, hidden camera that captures your keystrokes as you input your PIN into the machine.

Your Responsibility

GTBank UK and its staff will never call or send you an email with a link, asking you to update your internet banking profile or request your passwords, token generated codes, card details or PIN. Anyone that asks for any of these details is a fraudster.

In the event that you receive or have received an email fitting this description or a suspicious telephone call from someone claiming to be from GTBank UK, please report such to any of the numbers on: 02079479700 or 02079479810 and forward such emails to complaints@gtbankuk.com

GTBank UK's Policy

GTBank UK adheres to the following security principles:

  • Confidentiality: all sensitive information will be protected from unauthorised access or disclosure;
  • Integrity: all information will be protected from accidental, malicious and fraudulent alteration or destruction; and,
  • Availability: Information will be available throughout the times agreed with the users and be protected against accidental or malicious damage or denial of service.

To this end, we are continuously developing and implementing security enhancements to ensure the integrity of our internet banking platform. Our goal is to protect the confidentiality of our customer account and personal data. While we work to ensure that a secure environment is provided for internet banking, there are steps that internet banking clients should follow to protect confidential information while performing financial transactions online. This is because achieving effective security is a partnership between us and our esteemed customers. These steps include, but not limited to the following:

  • Keep answers to your chosen security question private to you
  • Change your security question from time to time
  • You can use pseudo answers to your security question for better security online. For example, answering ‘blue’ when ‘red’ is meant
  • Keep your token securely always
  • Signoff when you have finished your online banking session
  • Check your account regularly to monitor activities
  • Always signoff when you have finished your online banking session.

In addition, to protect yourself online the following password management practises are advised:

  • Create a strong unique password. Select a password that is hard to guess by using random letters, numbers and symbols. Do not use readily identifiable information such as your name, birth date, or child’s name.
  • Do not share your password with anyone else. Keep your password secure.
  • Do not use the Save Password option on your computer, especially when shared with others.
  • Change your password regularly. We recommend changing your password periodically, say every 60 – 90 days

Card Fraud / Lost or Stolen Cards

Our fraud detection system constantly monitors card transactions on your account for irregular activities and when we determine a transaction is suspicious, will stop the transaction going through. We will send you a text message immediately and give you a call within a short while.

Please remember that we will never ask you for your PIN.

To ensure that we can always contact you when we need to, always keep your contact details up to date. And if your card is lost or stolen, let us know straightaway by calling +44 (0)207 947 9701 or +44 (0)207 947 9700 (Option 2).

Third-Party Information Security Notice

Introduction

Guaranty Trust Bank (UK) Limited (GTBank UK) partners with vendors and other third parties to deliver quality but secure services to its customer base globally. To this end, it is vital that we collaborate with our partners to ensure the confidentiality, integrity and availability of information. GTBank UK demands specific standards from all our vendors providing critical services and process data for the Bank.

1. 3RD Party Data Protection Requirements

1.1 GTBank UK recognizes that the use of third party vendors creates various risks that must be properly managed.

1.2 Any vendor with access to GTBank UK’s data classified as personal data or higher are expected to demonstrate their security policies, processes, and procedures and prove that they are able to provide adequate protection of such data, including against misuse or compromise. The following sections outline the requirements that vendors must follow if they collect, use or process personal data while providing services or doing business with GTBank UK.

2. Organization of Information Security

2.1 Vendors must establish, implement, and maintain information security policies and a program of technical and organization security measures appropriate to prevent any access to GTBank UK's confidential information and comply with and meet all applicable information security best practices standards and guidelines, including those set forth in this document.

2.2 We (GTBank UK) ensure that our digital channels are designed and implemented with security in mind.

3. Incident Response and Notification

3.1 Vendors must maintain a current incident management process and must notify GTBank UK without undue delay after becoming aware of any potential destruction, loss, alterations, unauthorized disclosure of, or access to GTBank UK’s confidential information, including data, transmitted, stored or otherwise processed by the vendor or its sub-processors.

3.2 Vendors must have and use an incident management process that is managed by trained resources. The vendor incident management process must be consistent with various laws and regulatory requirements as well as published best industry compliance and governance standards.

3.3 Vendors must follow incident response best practices and make reasonable efforts to identify the cause of incidents and take appropriate steps in order to remediate the cause of the incident.

3.4 Under no circumstances shall a vendor publicly disclose any such breach of GTBank UK information, systems, or other resources. Vendors must immediately notify GTBank UK of a possible or actual incident and work directly with GTBank UK, as requested by GTBank UK, to notify applicable government officials, authorities, credit monitoring services, individuals affected by such breach, and/or any applicable media outlets, as required by law.

4. Information Security Management System Controls

4.1 Where a supplier is contracted to manage GTBank UK information, information assets or information systems, the supplier must ensure that an information security management system employed to secure GTBank UK information, information assets or information systems is in place and complies with ISO/IEC 27001 or other equivalent international or UK standards (IASME, Cyber Essentials Plus). Evidence must be provided to GTBank UK of compliance with the standard, either through formal certification or otherwise, to GTBank UK’s satisfaction before any GTBank UK information, information assets or information systems are accessed by the supplier.

4.2 Suppliers must agree to permit and facilitate audits of all aspects of their information security management system by GTBank UK or appointed agents and to address any findings of such audits to preserve the security of information to GTBank UK’s standards and requirements. We can also rely on reports of external audits by reputable international audit firms.

4.3 The transmission of information between GTBank UK and a supplier must be encrypted to a level commensurate with the security classification of the information and to ISO or other standards.

4.4 Live GTBank UK data and information may not be used for test purposes. Data and information to be used for test purposes must be anonymised, scrambled or otherwise rendered in such a way that no live GTBank UK data or information can be reconstructed from that used for test purposes.

4.5 GTBank UK information may not be copied by any supplier other than as far as is necessary for providing an agreed service to GTBank UK.

4.6 A supplier holding GTBank UK data on GTBank UK's behalf must have in place processes to ensure that critical GTBank UK information held by them can be promptly and efficiently recovered following an emergency

5. Legislative, Regulatory and Contractual Requirements

5.1 The management of GTBank UK and other official information may engage obligations under the following legislation (note that this list is not exhaustive):

  • Data Protection Acts 2018 (UK GDPR)
  • Freedom of Information Act 2000
  • Computer Misuse Act 1990