If you think you’ve been targeted by an online or phone scam, please call us on 0800 327 863. We take security extremely seriously and will do everything we can to help.
Online security is extremely important at ASB. So we always use the highest industry standards to help keep your banking safe. We also constantly review our security to counter any new threats.
Outline of our security systems
When you login
You need to use a unique username and password to log in to FastNet Classic Internet banking. If you (or someone else) tries to access your accounts without these, they will be allowed a certain number of attempts before access is suspended.
We also show the date and time of your last login so you always know that no one else has accessed your accounts. If you choose, you can also use Netcode at login. This means that you’ll be asked to enter a unique code whenever you log in to FastNet Classic.
While you're banking online
Our servers are configured with secure certificates and we only allow secure connections to keep your information secure. This basically means that your information is scrambled before it travels over the Internet in a way that only we can unscramble. You can also use Netcode as an extra layer of protection when making payments online.
Each of our secure websites has a SSL certificate issued by Verisign to let you know that the website is genuine and secure. FastNet Classic uses an Extended Validation (EV) SSL Certificate. This means that if you're using Internet Explorer 7 and above, your address bar will turn green when you visit FastNet Classic. This makes it easy for you to be sure you’re on the genuine ASB website.
For more about SSL certificates visit the Verisign website or to find out more about EV Certificates visit Microsoft.
Credit Card numbers in FastNet Classic
To improve your security, we have masked the first 12 digits of your credit card and only the last 4 digits will be displayed.
E.g: XXXX-XXXX-XXXX-0103
When you're finished
You’ll automatically be signed off from your account if it’s inactive for a set period of time. But it’s even more secure if you log off when you’ve finished your banking.
When you log off, all of the pages you visited in our online banking websites are automatically removed from your browsers cache. This means other users of that computer won’t be able to view your personal or account details by using your browser’s back button or searching the contents of the computer's hard-drive.
Security experts behind the scenes
Our dedicated security team investigates new technologies, monitors activity and responds promptly to any emerging security issues. We regularly use reputable independent consultants to audit the security of all our systems.
Emails from ASB
Email is a really handy way to communicate with customers, but we also do everything we can to protect you from email phishing attacks. That’s why we have a very clear policy on how we’ll communicate by email.
Emails from ASB will never:
- Ask you to confirm any personal details
- Tell you we have lost any of your details
- Say that someone else has logged into your account
- Ask you to confirm your internet banking username or password
- Ask you to login to Internet banking from the email
Our emails will always give you the option to opt out and not receive further communications via email.
Remember: If you have any concerns about an email you receive from us, forward it to our dedicated email scam team on phishing@asb.co.nz.
What’s Phishing?
Phishing is the process of trying to get information by pretending to be a trustworthy organisation. In most cases, fraudsters will send a fake company email asking for personal information like usernames, passwords, credit card details or even names and addresses.
These emails can look very real. Sometimes they make offers or money, refunds or ‘essential’ updates to try and get you to act.
Typically a phishing email will ask you to click on a link that takes you to a fake website. Once there, you are prompted to ‘login’ to internet banking or provide personal details. They use this site to capture your information so they can use it fraudulently.
ASB will never ask you to login to Internet banking from an email.
If you think you’ve received a phishing email:
- Don’t click on any links within the email or reply to it
- Forward the email to phishing@asb.co.nz
- Delete the email from your inbox, your sent box and your deleted items folder.
If you think you’ve been taken to a phishing site:
- Close your browser immediately
- Empty your browser cache and clear your browse history
- Perform a virus scan on your computer using anti-virus software
- Call us on 0800 327 863 if you have any concerns
If you think you’ve entered your details in phishing site
Call us immediately on 0800 327 863 and we’ll reset your FastNet Classic password.
How can we avoid phishing?
We have an Email policy so you know what to expect from our emails. We also have a process in place for monitoring and responding to security issues including phishing attacks. If we experience a significant attack, we’ll let you know through messages on asb.co.nz, our social media sites and in FastNet Classic.
ASB Online Vault
What’s ASB Online Vault?
ASB Online Vault is a convenient, central place to store private information. It has the same tight security as Internet banking. So anything you store in the Online Vault is only visible when you log in to FastNet Classic.
How it works
FastNet Classic scrambles any information you enter into the Online Vault using an industry standard encryption algorithm and a unique private key. Your data and the private key are stored securely at ASB. When you enter the Online Vault to view information, FastNet Classic unscrambles your information and displays it for you in your browser.
Does ASB use or access my information?
No. ASB doesn’t view or use any of the information stored in your Online Vault. In fact, the ASB team who are responsible for the unique keys used to scramble and unscramble your data are separate from the team who store your data. In security, this is known as a “separation of duties”. FastNet Classic is the only bank system that can decrypt (unscramble) your information.
Will ASB ever share my Online Vault information with others?
No. ASB will never disclose your Online Vault information, unless required to do so by law. For example, if we receive a court order requiring us to disclose information, we may have no choice but to comply.
What happens if I lose my password?
If you lose your FastNet access code or password, call us on 0800 FASTNET (0800 327 863 ) or + 64 9 3063185 to arrange for your password to be reset. Once your password is reset, you’ll be able to log in to FastNet Classic and access the Online Vault again.
Is my Online Vault information backed up?
Yes. ASB protects your information in the Online Vault in the same way that we protect other Internet banking data. Your information remains encrypted when backed up and can’t be accessed directly using a backup copy.
Could someone else access information in my Online Vault?
No. The Online Vault has the same level of security as Internet banking. It can only be accessed by logging in to your FastNet Classic account. If you’re storing personal information in the Online Vault, we recommend that you activate the Netcode at sign on option to protect your personal information should your password be compromised.
Netcode
What’s Netcode?
Netcode is an extra level of security used to double-check that it’s really you making transactions online. It’s a randomly created code, a bit like a temporary PIN, that we can either text to your mobile phone or generate on a Netcode token.
The default Netcode limit is $500, however you can select any limit between $1 and $500.
How does it work?
If you are making a FastNet Classic payment that requires a Netcode, we’ll send you the code straight away so you can enter it online.
We can provide your Netcode by text message on a NZ mobile phone, or using a special Netcode token that we provide, or both.
What if I don’t receive my Netcode?
If you need to make a payment and you don’t have either of these with you, just call our contact centre on 0800 FASTNET (0800 327 863) and we'll identify you over the phone before releasing the online payment.
When do you need Netcode?
If using Netcode you’ll need it for the following:
- Transactions over a certain daily limit, usually this is $500, but you can set your limit as low as $1.
- When payments of more than $500 (or your set Necode limit) are going to a non authenticated bill payee.
- Any international money transfers
- If setting up your Credit Card PIN.
You’ll need Netcode:
- When you make a payment to someone else's account that hasn’t been previously authenticated. (eg. FastCheques, unregistered Bill Payments, self selected Bill Payments and Automatic Payments).
- When you make an international money transfer for any amount.
- When you register online for TXT banking.
- Setting up your Credit Card PIN.
Netcode is optional when you login to FastNet Classic.
Do I always need Netcode?
Not always, no. If you make transactions below your chosen daily limit, you won’t need a Netcode. Also, you won’t need a Netcode for authenticated accounts. These include automatic payment or bill payments loaded for you by an ASB staff member, any payees you save as Netcode authenticated and any companies on our pre-registered list (eg Telecom or Vodafone).
Netcode at sign on
You can choose to use Netcode for an extra layer of security when you log in to FastNet Classic. Just go to the 'Personal Details' section of FastNet Classic and choose the Netcode at login option.
Although this is optional, we highly recommend using this service if you need to access FastNet Classic on holiday – especially if you’re using a public computer and can’t be sure that it has the latest security patches and anti-virus software. It’s also a good idea to change your FastNet Access Password after accessing this type of computer on holiday.
Using Netcode while overseas
If you have a Netcode token, it will work just fine overseas. If you usually receive Netcode by text, it will depend on your mobile provider's coverage. If you have roaming set up, it should be fine, but we can’t guarantee delivery of your Netcode text overseas.
Stopping Netcode
Simply reply STOP to any Netcode text message to deregister from Netcode. Standard mobile charges apply. However, if you choose to not to use Netcode, you’ll need to call 0800 FASTNET (0800 327 863) to identify yourself whenever you make a transaction over your daily Netcode limit (usually $500).
What does it cost?
It’s free to register for Netcode. Then there’s a $0.20 charge each time you enter a Netcode or ask our call centre to release a Netcode payment. You’ll only need to enter the code once for each FastNet Classic session.
Alternatively, you can choose to have a Netcode token which will cost $1 per month, regardless of how many Netcodes you use. If you lose your token there is a $20 fee to replace it. Fees are subject to change.
Changing your Netcode daily limit
You can set your own daily Netcode limit through the 'update details' section of FastNet Classic. Your daily limit can be as low as $1 or as high as $500.
Register for Netcode
Just call 0800 FASTNET (0800 327 863) and select option 2. If you’re overseas you can call +64 9 306 3000. Our team will some questions to make sure it is really you, but remember, we will never ask for your FastNet Classic password, or ASB FastCash PIN number. You can choose to receive Netcode in two ways:
- Netcode by text: we’ll just ask for your mobile phone number. Then once your registration is complete you can start Netcode authenticated transactions straight away.
- Netcode on a token: we’ll post your token out to you. When it arrives, just call 0800 FASTNET (0800 327 863) to activate it and you can start making Netcode authenticated transactions.
Short URLs
Short URLs can be really handy because they’re easy to paste or type. Unfortunately, you often have no real idea which site a short URL is linking to or whether it was created by us. We’re using a customised ASB URL shortener (asb.co) so you’ll always know that our short URLs were created by us (eg. http://asb.co/dVr3Y8)
