Internet-Bank Branches and ATM Contacts Card blocking
News
About the Bank
Retail Banking
Remote Services
Internet Banking
Raiffeisen CONNECT
SMS-Banking
General Terms and Conditions
Small Enterprises
Corporate Business
Financial Institutions
Public Sector
Public Relations
Corporate responsibility
For investors
Vacancies
Raiffeisen Bank International

Contacts


Information center
Moscow: +7 (495) 721-9100
Other Russian cities:
8 (800) 700-9-100 (Russia
toll free)

24 hour
Card Support Service
Moscow: +7 (495) 777-1717
Other Russian cities:
8 (800) 700-1717 (Russia
toll free)

Raiffeisen Bank
in social networks

Security


General Information on Raiffeisen CONNECT Security


Raiffeisenbank has implemented Raiffeisen CONNECT internet banking service using reliable security means and international best practices. This allows us to offer customers services that are as fully integrated as possible into the existing banking infrastructure, and to fully control the functionality and operation of banking services, thereby guaranteeing to our customers security, convenience and reliability when using them.

Following means to assure security are used in the system:

  • a secure connection that ensures confidentiality of transmitted information;
  • tools that enable customers to monitor recent system sessions;
  • special PIN2 and digital keys for access to active transactions;
  • email and SMS alerts of active transactions and of changes to personal data in the system.

Recommendations for Raiffeisenbank Customers Using Raiffeisen CONNECT

This information is being circulated to help customers secure the proper safety of data-transmission via open communications channels (the Internet). If you are not a technically adept user, please contact your system administrator for technical support.

In case of difficulty, you can also contact Raiffeisen CONNECT Technical Support by telephone, by email, or via the feedback form.

  • Make sure that you connect with the bank server in secure mode (SSL)
  • Always exit the system using the Logout link
  • Use  secure passwords
  • Switch off automatic completion of web forms, and also make sure that your  browser does not allow the saving of confidential pages (SSL-page)
  • Keep your PIN2 confidential, do not save it on the computer
  • Do not disclose your password and  PIN2 to anybody, even bank employees
  • Do not save digital keys on a computer/digital carrier that is accessible by third parties
  • Pay attention to the time of the last system visit
  • Use your email to receive information on changes in your personal data and on signed applications for entering into active transactions
  • You can subscribe to Raiffeisen MOBILE SMS alerts to receive information on applications for external transfers in online mode

SSL Protocol

SSL (Secure Sockets Layer) is the protocol that protects data transmitted between web browsers and web servers. The main objective of the protocol is:

  • server-authentication that guarantees to users that they have indeed reached the web junction that they wanted to visit;
  • creation of a secure channel through which information may be transmitted between the browser and the server in encoded mode, so that nobody will be able to distort information or gain access to it.
  • Any page whose address starts with “https” is transferred in secure mode using SSL. The “s” letter added to the well-known HTTP (Hypertext Transfer Protocol) signifies “secure”.
    Users do not need to take any special steps to shift to an SSL connection — the SSL customer programme is built into the web browser.
  • Confidential information is transferred using the https (SSL) protocol.

How to Make Sure that the Connection Takes Place in Secure Mode

You can verify whether or not the certificate (SSL) of the Raiffeisen CONNECT server is genuine by clicking on the secure-connection icon:

Internet Explorer 6 Internet Explorer 6 Internet Explorer 7 Internet Explorer 7 Mozilla Firefox 2 Mozilla Firefox 2 Opera 9 Opera 9

The certificate data should contain the following information:

To whom the certificate was issued: ZAO Raiffeisenbank
By whom the certificate was issued: Thawte SGC CA - G2
Certificate validity period: from 18 November 2012 to 18 December 2012

In Internet Explorer 6.0 the certificate looks as follows:


On the left you can see a valid certificate, which confirms that you are connected to the ZAO Raiffeisenbank server. If you click on «Certification Path», you will see the current status of the Certificate.

If the certificate status differs from “This certificate is OK” or “This certificate is valid”, please exit Raiffeisen CONNECT immediately and notify your personal account-manager or Raiffeisen CONNECT Technical Support of what has happened by telephone, by email, or via the feedback form.


PIN2

  • Keep your PIN2 code confidential, and do not disclose it to third parties. Do not keep your PIN2 code written down on paper; if this is unavoidable, try to keep it separately from your user name (login) and password.
  • Do not transmit information on your PIN2 code and password to any of the bank’s employees or to persons claiming to be the bank’s employees. No bank employee shall in any circumstances be entitled to ask you to provide information on your PIN2 code and password.
  • You should under no circumstances store information on your PIN2 code in your computer. This will prevent unauthorised assess to the system. If you have any suspicions that somebody has information on your PIN2 or password, you should change this information immediately (block your PIN2 code or obtain a new one, and change your password).

Sessions

  • Verify the date of your last visit to Raiffeisen CONNECT. If you have any suspicions that somebody has entered the system using your passwords, please notify Raiffeisen CONNECT Technical Support immediately by telephone, by email, or via the feedback form.
  • Always exit Raiffeisen CONNECT using the “Logout” link. When you do this, your Internet sessions will be terminated immediately.
  • We do not recommend using Raiffeisen CONNECT services in Internet cafés, libraries etc., since these sort of establishments do not have a proper security system.

Passwords

  • Develop and use complex password for Raiffeisen CONNECT internet banking system in accordance with recommendations listed below.
  • For security purposes, the system password has a limited effective period of 180 days, after which you will need to change it.

Choosing a Secure Password

A secure password is a password that is difficult to guess but easy to remember. For a password to be difficult to guess, it should have specific syntactical parameters.

You should follow the following rules when choosing a password:

  • the password should consist of at least 8 characters (the longer the password, the better);
  • the password should be a combination of letters, digits and, if possible, special characters;
  • the password should be a combination of upper-case and lower-case letters;
  • you should not choose as a password any words contained in standard dictionaries: names, acronyms, words taken from dictionaries (including foreign dictionaries) or logical sequences  thereof (in order to prevent the password’s being ascertained by searching);
  • the password should not contain any repeating sequences of characters (for example, the word “access” contains more than two identical consecutive characters), obvious sequences, or patterns created by characters placed on the keyboard (e.g. “asdfghjkl” and “erdfcv”).

A secure password will have the following features:

  • It should be easy to remember. Passwords that are too complicated are likely to be recorded, and thus will become insecure.
  • It can be entered quickly. If you spend too long entering your password, people in the vicinity will be able to make out its structure (e.g. its length).

It is normally quite difficult to find a password that meets all of the above requirements yet is sufficiently easy to remember that it does not need to be recorded.

To remember a password, you should follow this advice:

  • Alternate short words with digits or special characters, e.g. “this;Is:One.good:PassWord” and “3Doggiesareloud!”.
  • Create an acronym out of the initial letters of the words making up a sentence that you will easily remember.
  • For instance, you can form the acronym “Tpftssivhtc” out of the initial letters of words in the following sentence:  “This password for the security system is very hard to crack”. If you need more than one password, you can choose a common sentence and create one password out of the first letters of the words in that sentence, the second password out of the second letters of those words, etc. This method makes it possible to include digits in acronyms, e.g. “O21A68WPmiC” (“On 21 August ’68 the Warsaw Pact marched into Czechoslovakia”).
  • When making up words, you can deliberately make spelling mistakes so as to make lexicological analysis of such words difficult.

Automatic Completion/Saving of Pages

  • If the browser window asks you if you want form fields (login and password) to be completed automatically, you should say no. If the option of automatic completion of personal information in your browser forms has already been enabled, you can switch off this function manually in the browser settings. To do this, you will need to set the appropriate parameters in Tools -> Internet Options -> Content -> AutoComplete.
  • To prevent your browser from saving SSL pages, you should switch off the form function in your browser’s settings. To do this, you will need to set the appropriate parameters in Tools -> Internet Options ->  Content -> Forms. This will help to avoid data’s (user password, user name etc.) being saved on the hard drive, which in turn will prevent the data’s being used by third parties.

General information on internet banking security.

  1. Keep the key media in a safe place, where third-party access to the media is not possible. CONNECT the key media to the computer only for the duration of the internet banking session.
  2. Use complex passwords consisting of letters, numbers and special characters that you can remember. Never write down your passwords.
  3. Under no circumstances should any confidential internet banking credentials (including passwords, keys, PIN-codes etc.) be disclosed to third-party, including relatives, colleagues or employees of the Bank.
  4. In no case Raiffeisen Bank employees request your confidential information via e-mail, SMS messages or other communication methods . Be careful: do not respond to such requests.
  5. Please use for internet banking operations a dedicated computer system (may be virtual), operating system or browser in all possible cases.
  6. Install antivirus software and a personal firewall on the computer that you use to work with internet banking system, configure them in accordance with the recommendations of the software provided. Regularly install security updates for your computer.
  7. Always properly log out of the system in accordance with the instructions of the User’s Guide for corresponding internet banking system.
  8. Configure and monitor system notifications of the actions executed in the system (where such service is available).
  9. If you suspect that your confidential internet banking credentials have become available to third parties or if you detected any unauthorized transactions in the system, please immediately contact the Customer support hotline numbers provided in the User Guide or apply to the nearest branch of Raiffeisenbank in person.

For additional information on Raiffeisen CONNECT, please contact Raiffeisen CONNECT Technical Support by telephone, by email, or via the feedback form.

Your city