Cyberbanking has a number of security measures to safeguard your financial information:

• Personal Identification Number (PIN)
  You must enter the correct Cyberbanking account number and PIN every time you want to access your Cyberbanking account. When you log in to Cyberbanking for the first time, you are required to change your PIN. We advise that you change the PIN periodically, e.g. every 30 days.
• Automatic Exit
  To protect against unauthorized access, the connection to Cyberbanking will be automatically terminated if the service has been idle for more than 10 minutes.
• Deploy Transport Layer Security ("TLS") encryption
  "TLS" is an international and well-proven standard encryption module developed to ensure confidentiality during data transmission. All important information transmitted between your browser and our Bank through Cyberbanking - Internet will be encrypted by TLS.
• Account access is disabled after 3 unsuccessful login attempts
  The Cyberbanking account is disabled after 3 unsuccessful login attempts (on an accumulated basis). Customers with disabled accounts need to contact the Bank to re-establish access.
• Cyberbanking pages are not cached and stored
  All pages you view during a banking session are neither cached nor stored on your computer to ensure the confidentiality of your financial information.

Our system will check whether your browser is a proper version, and whether "TLS" and "Cookie" options have been enabled.

To enable Transport Layer Security (“TLS”) version 1.2 in Microsoft Edge, please follow the following steps:

• In the Windows menu search box (by pressing Windows key)
• Type “Internet options”
• Under best match, click “Internet Options”
• In the Internet Properties window, click “Advanced“ tab, and scroll down to the Security section
• Check the User TLS 1.2 checkbox
• Click OK
• Close and restart Microsoft Edge browser

(Please refer to “Help” contents of your browser for other versions or other browsers)

Every secure website possesses a digital certificate to prove its identity.

You must not log in to or enter account information on any website fraudulently masquerading as the Bank's website, where the padlock icon cannot be found or where the certificate information is invalid.

You can follow the below-mentioned steps to display the certificate information and verify the identity of the Cyberbanking of The Bank of East Asia, New York Branch.

For Google Chrome,

Perform the following and a "Certificate Information" page will pop-up;

1. At Cyberbanking screen, click the padlock icon
2. Select “connection is secure” -> "Certificate is valid"
3. Check the "Certificate" information page and verify that the certificate information is displayed with:
   Issued to : netteller.com
   Issued by : DigiCert TLS RSA SHA256 2020 CA1
   Valid form : "Date" to "Date" (Check if this certificate is valid)

Some latest browser versions have features, such as "Autofill" (Google Chrome), that can save previous entries that you have made for web addresses, forms, passwords, etc. Therefore, when you type similar information in one of these fields, a dropdown list with possible matches will automatically appear for you to select.

To protect yourself and prevent unauthorized use of your account, you are advised to disable this feature on your browser. You may also lock your computer by using power-on passwords, etc., to prevent unauthorized access.

For Google Chrome:

• Click the Chrome menu icon. (Three dots at top right of screen.)
• Click on Settings.
• In the "Autofill" section, expand the area for which you wish to disable Autofill.
• Toggle the setting OFF if it is on. The system will automatically save your settings.

(* Please refer to the [HELP] contents of your browser for other versions.)

Personal Identification Number (PIN) Management

1. At all times, keep your Cyberbanking account number and the PIN confidential. Do not disclose your PIN to any person, including any joint account holders. Never send your PIN via e-mail and never assign the same PIN to access two or more different services (for example, for connecting to the Internet or accessing other websites);
2. Do not, under any circumstances, disclose your PIN to anyone who claims to represent the Bank or who claims to serve as a BEANY employee or other authorized person. Your PIN should remain your private, confidential property - it is not necessary for the Bank's personnel to know your PIN;
3. Notify the Bank immediately of any actual or suspected unauthorized use of your Cyberbanking account number and/or PIN. In addition, inform the Bank immediately in writing of this actual or suspected unauthorized use;
4. Change your PIN immediately when using it for the first time and destroy all documents containing any PIN information;
5. Do not use your social security number, telephone number, date of birth, driver's license number or any popular number sequences (such as 987654 or 123456) as your PIN. Choose a PIN that contains a combination of letters and numbers, and avoid using the same digit more than twice;
6. Do not write your PIN down - memorize it;
7. Keep your PIN separate from your Cyberbanking account number;
8. Be alert to your surroundings before logging in to your Cyberbanking account and make sure that no one sees your PIN;
9. For security reasons, change your PIN regularly - a PIN change at least once every 30 days is recommended;

Protecting your computer

1. Take precautions against hackers and computer viruses when sending and receiving e-mails, opening e-mail attachments, visiting and disclosing personal / financial information to unknown websites and downloading files or programs from websites;
2. Install proper firewalls, and anti-virus and anti-spyware software on your computer and update them with security patches or newer versions on a regular basis to strengthen the security of your computer;
3. Upgrade browsers and application software to support TLS encryption or a higher encryption standard;
4. Remove file and printer sharing features on your computer to prevent unauthorized control or access to your computer, especially when you have Internet access via cable modem, broadband connection, wireless or other similar set-ups;

When Accessing Cyberbanking

1. Disable the "Auto-complete" option on your browser to avoid storing your Cyberbanking Account Number and/or PIN on your PC.
2. When you have finished your banking session, logout from Cyberbanking and close your browser immediately to clear the browser cache;
3. Do not leave the computer unattended while using Cyberbanking;
4. Do not use a public or a shared computer to access Cyberbanking;
5. Confirm the authenticity of our Cyberbanking website by:

   1) Click the padlock icon at the Cyberbanking screen in Google Chrome

   2) Select “connection is secure” -> “Certificate is valid”

   3) Check the information in the digital certificate that displayed

   The padlock icon appears when the communication between you and the Bank is protected by encryption.

   Certificate Information:

   

6. Ensure that all other internet browser windows are closed when you are using Cyberbanking;
7. Check your last login date and time displayed on the screen immediately after you have logged in.

   If you suspect that your PIN has become known to others, you should change it immediately.

   In addition, check your bank balances and transactions on a regular basis.

   If you suspect that a security breach or unauthorized account activities have occurred, change your PIN and contact the Bank as soon as possible;

8. Always click on "Logout" to logout properly when you have finished using Cyberbanking;
9. Do not click on any URLs or hyperlinks embedded in e-mail, Internet search engines, or any unknown source to access our Bank's website, or to log in to Cyberbanking. Always type the URL of the Bank's homepage (www.hkbea-beany.com) into the address bar of your web browser directly and access Cyberbanking from the Bank's website.