How can we help?
Popular searches


Online security guarantee

Our online security guarantee is your assurance of our online banking safety.

Be confident that ING DIRECT Online Banking is safe and secure.

In the unlikely event that an unauthorised transaction takes place on your account, you will not be liable for the unauthorised transaction, provided you have complied with the terms and conditions of the account.

How you can protect yourself

There are plenty of ways that you can better protect your banking security to add to the security measures that we already take for you.

Security tips

Keeping yourself protected online can be easy. Remember the security tips below:

Install anti-virus software on your computer and keep it updated. You should regularly scan your computer for viruses.

Always enter your Access Code by "clicking" the on-screen keypad. Never type in the number using the numerical keys on your keyboard

Install a personal firewall on your computer to create a security barrier between your computer and the Internet

Avoid using online banking on computers at public places such as internet cafes

Always access online banking by typing into your browser

Don't disclose your Access Code, card PIN or Security Code to anyone (the only exception to this is when you call our Contact Centre, they may send you a Security Code to help verify your identity)

Never leave your computer unattended while logged onto online banking - you should logout of your online banking session as soon as you have finished.

Online security
Keep your computer software updated

Computer operating systems are complex and vendors regularly release patches to fix security weaknesses. You should regularly check and update your computer's software by running the update software functions provided (e.g. Windows Update or updates tab in Mac OS App Store).

Protect your identity
Be aware of phishing emails

Phishing is when hackers attempt to fraudulently obtain your personal details, such as online banking login details, passwords and other personal information by claiming to be from a trustworthy source via text messages, email communications or instant messages. These messages look like they came from your bank but clicking on the link may take you to a fake website or install malicious software onto your computer.

If you wish to report a suspicious ING DIRECT email please forward the email to us (as an attachment where possible) at . If you are unsure about an email you have received, you can contact us on 133 464 (+61 2 9028 4077 from overseas) 24 hours, 7 days

To help protect yourself against phishing, follow these guidelines:

Don't click on links or attachments in emails that you were not expecting

Never provide login details in response to an email

Note: ING DIRECT will never send you an email asking for your login details.

To avoid being a victim of a phishing scam or hoax websites, look for the following:

Treat emails (and other electronic communications) that ask for personal or financial information with caution. Most financial institutions will not send you an email asking you to provide this type of information.

Be vigilant and check your statements regularly for suspicious transactions.

With the threat of phishing and hoax websites designed to steal your login details, it is important to ensure you are accessing the genuine ING DIRECT website.

When signing in to ING DIRECT online banking, ensure that there is a padlock icon in the address bar.

The ‘Welcome’ screen in online banking will display your last sign-in date and time. You should check this and if it is not correct please contact us immediately on 133 464 (+61 2 9028 4077 from overseas) 24 hours, 7 days.

If you see any unusual changes to what you thought was the ING DIRECT online banking website, such as suspicious questions appearing asking for confidential information, please contact us immediately.

To ensure you receive ING DIRECT emails, add the domain to your safe senders list.

Social networking websites

Be careful about the amount of information you disclose about yourself on social networking websites such as Facebook, Twitter, LinkedIn and Instagram. Criminals may access these sites to gather information in order to steal your identity and gain access to your bank accounts.

Shred unwanted papers

Regularly shred unwanted papers before disposing of them, especially papers containing personal details like name, address, phone number and date of birth. Examples include bank statements, bills and receipts.

Online shopping

Protect your personal information when shopping online by following these steps:

Shop at secure websites and ensure you are on the correct website by checking the address

Read the website's privacy and security policies

Provide only necessary information about yourself

Save all transaction details

Keep your password private

Beware of any deal that looks too good to be true, as it could be a scam.

Secure online banking
Protect your Access Code

Choose an Access Code that is difficult to guess

Do not select an Access Code that consists of repeated, ascending or descending numbers, or numbers that are associated with your birth date, Client Number or an alphabetic code which is a recognisable part of your name

Don't share your Access Code with anyone else, make sure you change your Access Code if you think someone else may know it.

If you record your Access Code, store it in a safe place, separate from your Client Number

Change your Access Code regularly

Avoid aggregation sites

Don't provide your Access Code to another website for the purposes of account aggregation.

Keep ING DIRECT updated with your details

It is important that we have accurate contact details for you at all times, in the event we need to contact you. You can update your contact details online or via our Contact Centre on 133 464 (24 hours, 7 days).

Check your statements

Regularly check your statement (or your online transaction history) for unauthorised transactions. Let us know immediately if you detect any unauthorised transactions on 133 464 (24 hours, 7 days).

Card security

If you have an ING DIRECT Visa card, you should take steps to ensure that your card and the associated PIN are protected from unauthorised access or disclosure.

Sign your Visa card as soon as you receive it.

Choose a unique PIN that is difficult to guess and is different to numbers used for other purposes.

Never write down your PIN.

Don't tell anyone your PIN. ING DIRECT will never ask for your PIN during a phone call.

Treat your Visa card like cash - don't leave your card unattended and don't give your Visa card to anyone else or allow anyone else to use it.

Know where your card is at all times and keep it in your sight when paying for goods and services. Ensure your card is returned after paying for goods. If possible when dining, walk to the counter or use a handheld terminal to pay your bills, instead of giving your card to the waiter.

When shopping online, ensure the website is reputable and secure.

Always check your statements for unauthorised transactions.

Keep all receipts until you have reconciled your statement, then store your receipts securely or destroy them.

Keep a record of your card information in a safe place, in the event your card is lost or stolen.

Ensure that you can be contacted by us at all times (even when overseas), if we need to contact you about unusual activity on your account. Update your email address, or ensure that your mobile telephone has "global roaming" activated if you are travelling overseas. You can also use the ING DIRECT app to let us know your travel plans. This helps us monitor your card and can avoid your card being unnecessarily blocked while you’re away.

If you have misplaced your card, you can place it on hold using the ING DIRECT app. This will give you time to find it (without the worry of someone else potentially using it). And once found, you can remove the hold in the app as well. This can be done from either the transaction detail history page or in the settings menu.

If your Visa card is lost, stolen, used without your permission or you suspect your PIN is known to someone else, contact us immediately on 133 464 (+61 2 9028 4077 from overseas) 24 hours, 7 days.

General banking security

Phone security

Be aware of phone scams where criminals pretend to be calling from your bank. When receiving phone calls, be naturally suspicious and call back your bank if you are not comfortable.

On occasion, ING DIRECT may need to call you to discuss your account or to answer a question from you. As part of the call, we may need to verify that we are speaking to the correct customer by asking you some random security questions.

If you do not feel comfortable or have any concerns about the legitimacy of the call, please call us back on 133 464 (+61 2 9028 4077 from overseas) 24 hours, 7 days.

Remember that we will never phone you to ask you for your Access Code, Client Number, card PIN or Security Code. (However if you call the Contact Centre we may send you a Security Code to help verify your identity.)

ATM security

Ensure no-one else can view your PIN when using an ATM.

Try to use ATMs in locations where you feel safe such as busy and well lit areas.

Be alert for suspicious activity around ATMs or EFTPOS. In particular, suspicious individuals nearby or unusual attachments which may indicate the ATM has been tampered with. Do not use the ATM in these circumstances.

More Security information

If you wish to find out more about security, visit the following websites:

Protecting Your Identity Guide, Attorney-General’s Department

Stay Smart Online has been provided by the Australian Government to help home computer users and small businesses to be safe when online.

ScamWatch - provided by the Australian Government, provides useful information on methods used by scammers and strategies you can use to protect yourself.

How we protect you

ING DIRECT takes the security of your information and money very seriously. We use technology and physical security measures to ensure a high level of protection for your information and money.

Knowing online banking is safe isn't just a nice-to-have. It's a must-have. Thankfully, as an ING DIRECT customer, your information and money is protected with industry standard security technology and practices.

Protection of your information

ING DIRECT takes the security of your information and money very seriously. We use technology and physical security measures to ensure a high level of protection for your information and money.

We continually monitor trends and work with industry experts and authorities to ensure that we provide a high level of protection.

Industry-leading encryption with Extended Validation Certificates

Our website uses SSL (Secure Sockets Layer) encryption to ensure that others cannot read information travelling over the internet between your computer and our website. This can be verified by checking that there is a padlock icon in the address bar, which will appear when you log into ING DIRECT online banking.

We've also made it even easier for you to make sure you're accessing the genuine ING DIRECT website, by using "extended validation" certificates. Simply look for the green address bar when you access ING DIRECT online banking (when you use compatible web browsers).

In order to use this feature, upgrade your web browser to the latest version available.

Login Security

Virtual keypad - We use a virtual keypad on our website when you are required to enter your Access Code. The order of the numbers on the keypad changes on each login. This keypad is designed specifically to help prevent hackers from capturing your Access Code and therefore gain access to your account.

Security tips - On login, you will see regularly changing security tips, to help you to protect your information and money. Please take a few moments to read these tips and follow the instructions.

Last login time displayed - When you successfully sign in to online banking, the Welcome screen will display your last sign-in date and time. This will help you to determine whether unauthorised parties have accessed your account.

Login timeout - If you do not perform any activity on online banking for 8 minutes or more, your online banking session will automatically timeout and you'll be logged out.

Account lockout - For your account protection, after three failed login attempts, your access to online banking will be suspended. To unlock your account you'll need to call us on 133 464 (+61 2 9028 4077 from overseas) 24 hours, 7 days.

Security codes

Security Codes provides you with an additional level of protection. When banking online your existing Client Number and Access Code already provide you with security. But because you can't be too safe when it comes to your information and money, to enable you to perform certain transactions online with even greater confidence we've introduced an additional level of security called Security Codes.

These are once-only codes sent to your mobile phone. Once received, you need to enter the Security Code in the secure online area within 5 minutes of receiving it every time you perform certain online transactions such as paying bills via BPAY for the first time or changing any of your contact details (address, phone number, etc). Expiring after 5 minutes, they help to ensure it is you (rather than a potential fraudster) who is performing the transaction.

Security Codes are a form of "two-factor authentication" designed to protect you against many types of online fraud such as phishing, Trojans and identity theft. Two-factor authentication is a process designed to verify two things - something you know and something you have. In the case of ING DIRECT, we verify your Access Code (something you know) and your receipt of a Security Code sent to your registered mobile phone (something you have).

A quick one-off registration process is required to set up Security Codes.

For more information including when Security Codes are required, see our Security FAQs.

Please contact us immediately on 133 464 (+61 2 9028 4077 from overseas) 24 hours, 7 days if:

you receive an SMS Security Code sent from ING DIRECT and don't know why;

the details of the SMS we send you are different from what appears on your computer screen;

you receive a request for your Client Number and/or Access Code via SMS. ING DIRECT will never request that you provide your Client Number and/or Access Code via SMS. We will also never ask you to reply to an SMS Security Code text message; or

your online and phone banking access has been suspended.

Email alerts

For customers registered for Security Codes, an email alert may be sent to your email address that we have on file after certain transactions have been performed.

To ensure you receive these important email alerts, please make sure that your email address registered with ING DIRECT is accurate at all times. You can update your email address online or via our Contact Centre on 133 464 (+61 2 9028 4077 from overseas) 24 hours, 7 days.

Please contact us immediately on 133 464 (+61 2 9028 4077 from overseas) 24 hours, 7 days if you:

receive an email alert from ING DIRECT and don't know why;

do not recognise the transaction described in the email alert;

receive a request for your Client Number, Access Code, card PIN, Security Code or any personal information via email.

My Messages

My Messages contain a copy of all email alerts sent to you by ING DIRECT for customers who have registered for Security Codes. If you wish to confirm an ING DIRECT email alert is genuine, simply login to ING DIRECT online banking and click "My Messages". You should see a My Message identical to the email alert you received.

As with email alerts, if you receive a My Message and you do not know why, please contact us immediately on 133 464 (+61 2 9028 4077 from overseas) 24 hours, 7 days.

Please note that not all emails sent to you by ING DIRECT will appear in My Messages. For example, promotional mailings and online statement notifications will not appear in My Messages.

Daily limits

ING DIRECT apply daily transaction limits on some transactions, in order to protect your account. Refer to the Terms & Conditions for your account for full details.

Transaction monitoring

ING DIRECT operate a number of specialised industry standard systems designed to help us to detect fraudulent transactions performed on your account. In analysing and investigating alerts, we may need to phone you to verify activity on your account.

To help us contact you quickly, please ensure that your contact phone numbers registered with ING DIRECT are current at all times. Remember to activate global roaming on your mobile phone if you are travelling overseas. You can update your contact phone numbers online or by calling us on 133 464 (+61 2 9028 4077 from overseas) 24 hours, 7 days.

Communication to customers

We will communicate to you when we become aware of new threats to online banking by updating the Security Alerts and News section of our website, as well as the Security Tips page on login. If you have any concerns about the security of online banking, please contact us on 133 464 (+61 2 9028 4077 from overseas) 24 hours, 7 days.

Paperless statements

For Orange Everyday, Savings Maximiser, Savings Accelerator and Living Super customers, you can receive your statements electronically in online banking. This allows you to securely access your statements without the risk of your mail going missing, as well as instant online access and up to 7 years of statements

Security chip cards

ING DIRECT is committed to providing you with the highest level of security, so we have introduced security chip technology on our cards. The security chip makes the information stored on your card more secure and far more difficult to fraudulently copy card details. For more information on the new Security Chip Cards visit our Security FAQs.

Verified by Visa

Verified by Visa is a free service that provides added protection when you shop online at participating Verified by Visa merchants using your Visa Debit or Credit Card. For more information on this service, visit our Verified by Visa FAQs under Security FAQs.