What this means for your business | Ulster Bank

What this means for your business

What this means for your business

From 14 September 2019, you’ll be asked to confirm your identity more often when you make a payment online. We’ll do this by sending you a unique, one-time passcode by text.

It’s our job to keep your money safe. So we’re constantly working on better ways to beat fraud. You can do your bit by being alert to how fraudsters might try to target you.

Always keep your contact details up to date so you can be reached if suspicious activity is seen on your account.

I'm a Bankline user

If you use Bankline, over the coming months you’ll be sent an upgraded Smartcard Reader with QR functionality. You’ll be able to use it straight away to authorise payments as you do today with your existing card reader. We'll let you know when you can start using the QR functionality on your upgraded reader.

Log in changes – When you start using your reader in the new way, you’ll notice some changes to your log in journey. SCA will apply to all Bankline users at log in and a QR code authorisation step will be added to the log in process.

Payment authorisation changes – You'll use your upgraded reader for authorising Bankline payments, along with any action that requires smartcard authorisation for example, making administration changes.

Frequently asked questions about card readers

 

 

I have a credit card

If you have a commercial credit card with us, you'll soon notice changes when you buy things online. You may also notice that you're asked to enter your PIN more often when you make a contactless payment. 

We limit contactless payments to £30, and from time to time you might be asked to enter your PIN into a chip and PIN machine as extra security.  However, for online payments and credit transfers, additional authentication will be required.

 

What this means for your online card activity

ClearSpend

We’ve added extra security features to ClearSpend. As well as logging in with your username and password, you’ll need to enter an OTP. We’ll send you that by text, to allow you to confirm your identity when you log on. 

 

After you’ve done this once, next time you’ll be able to use your username and the ClearSpend mobile app’s biometric feature to log into ClearSpend.

 

To update your contact details, please log into ClearSpend and select ‘Management’ from the navigation menu.

One Time Passcode (OTP)

When you buy things online, your existing commercial card details will be used as the first step to identify you. We'll then send you a one time passcode (OTP) to input and complete the transaction. The OTP is a  randomly generated set of numbers, sent via text.

 

You’ll need to key in the OTP when prompted. It must be used within 10 minutes before it expires. This will result in a more secure way for us to authenticate the cardholder’s identity.

 

If we don’t have your up to date contact details, we won’t be able to deliver the OTP which means you may not be able to complete certain online transactions when these changes are made.

 

In addition to online transactions, we may also need to send you an OTP when you log in to ClearSpend or Cards OnLine.

 

Your existing commercial card details will be used as the first stage of authentication. We'll then send you an OTP to input and complete the transaction. The OTP is a  randomly generated set of numbers, sent via text.

 

You’ll need to key in the OTP when prompted. It must be used within 10 minutes before it expires. This will result in a more secure way for us to authenticate the cardholder identity.

 

If we don’t have your up to date contact details, we won’t be able to deliver the OTP which means you may not be able to complete certain transactions when these changes are made. This will prevent you making transactions online.

 

More information about OTPs

IntelliLink

As part of the PSD2 changes that Visa are implementing, the two layer ‘Memorable Word’ authentication will be replaced by a Two-Factor Authentication (2FA) process. Users will be required to login to the system using a Possession factor (an authentication code) in conjunction with their existing Knowledge factor (their password).

 

The authentication code can be generated by any of the following channels:

 

  • The Visa IntelliLink Spend Management mobile app
  • A third-party authentication application of the user’s choice that supports the Time-based One-Time Password algorithm (TOTP), such as Google Authenticator, Authy, Duo Mobile, LastPass Authenticator, and others.

 

You can contact the bank to register for IntelliLink, but will then be invited to setup 2-factor-authentication. This will be the registration process:

 

  • Select Log in and the memorable word challenge will display. We'll ask you to enter three characters from your memorable word; upon submitting, you'll see the two-factor authentication window. 
  • The VISM app is available on android and iOS and you need to install it on your mobile device and log in to it. When you have successfully logged in, a confirmation message displays in the app. 
  • Tap within the app and select Authenticator from the menu. 
  • An authentication code displays for 1 minute. It updates every minute with a new code. 
  • Click Continue in IntelliLink to open the Two-Factor Authentication Window. 
  • Enter the code generated by the VISM app and click Verify. 
  • After you are successfully registered, you will receive a confirmation email.

Once you have successfully registered, you will be able to use the app to log into IntelliLink. 

Cards OnLine

We'll be adding additional security features to Cards OnLine. As well as logging in with your username and password, you’ll need to enter an OTP. We’ll send you that by text, to allow you to confirm your identity when you log on. This will need to be undertaken each time you login to Cards OnLine.

 

To update your contact details, please call into our Customer Service team to provide a mobile phone number.

 

As part of fraud prevention 2-factor-authentication will soon become mandatory. In addition to your partial PIN and password, you'll need to enter a one-time-passcode sent via SMS to confirm your identity.

 

It's of vital importance that we have your up-to-date contact details ahead of September. 

 

To register, we'll send you a mail authentication code (MAC) in the post as we do today.  In addition to the MAC, you'll have to enter a one-time-passcode sent via SMS to securely register.

 

If you're interested in the detail, the SMS one-time-passcode proves 'possession' of your registered SIM card. When combined with the MAC, this satisfies the requirements of Strong Customer Authentication. 

Set Tab for lightbox