About report

For the second time now, the ING Bank Śląski S.A. Group has compiled the annual report in line with the best global practices of integrated reporting. To help readers use the interactive tools, we prepared a user guide with key features. We encourage you to watch a short animated video before reading the report.

zamknij
PL ENG A wersja-kontrastowa informacja
Brak notatek
Basket is empty
Send to print
Delete

Keeping the funds and data of our clients and partners safe is the key aspect we focus on in our daily routine. We observe threats on an ongoing basis and analyse their impact on the ICT infrastructure (applications, systems and networks) and our business processes, processes of our partners plus their potential consequences for clients. We use these data to design and roll out adequate organisational and technical solutions in the prevention, detection and response areas. Our ICT systems are protected with a multi-layer mechanisms and cybersecurity systems.

IT security management process

For each ICT technology at our Bank we design and implement model security requirements; they are regularly verified for effectiveness and correctness in tests, security reviews, and also internal and external audits. Such audits and tests are run by reputable expert companies.

We continuously improve our processes and procedures relating to threat prevention, detection and response as well as actions that eliminate their potential impact (e.g., unavailability of banking services). The said actions include but are not limited to the implementation of additional mechanisms to authenticate and monitor the activity of ICT system users and an additional protection layer against malicious software (like ransomware, for example). We have an elaborate and multi-channel cybercrime awareness programme for Bank employees.

We apply solutions of leading providers of tools and services in the cybersecurity area and unique solutions developed by our specialists. At the same time, we cooperate with ING Group entities and other companies and organizations in Poland (banks, sector associations, police). This enables us to watch trends, identify new vulnerabilities and prevent IT security threats.

Our partners are required to ensure adequate security as well.

czy-wiesz-ze
Additional mechanisms to authenticate and monitor the activity of ICT system users

In online banking, we use the following safety and security solutions:

This method enables authorisation of the instruction in the online banking system with an authorisation code. The user receives a code via text message or Halo Śląski system. The code is generated for one specific instruction and its validity is limited. Apart from the code, the user also receives transaction details which additionally allow them to verify the transaction.

Access to banking systems is possible only upon entering the user id and password. Communication between clients’ computers and the Bank’s server is encrypted with the TLS protocol. Ingbank.pl and online banking system are protected with high trust digital certificates that secure the connection with the encrypted HTTPS protocol. This ensures that sent data are fully secure in the encrypted format, secures them against tampering and authenticates the communicating computers.

When our clients make online card payments in a 3D Secure-enabled store, the payment is additionally confirmed with a one-off text message code. To use the 3D Secure payments at our Bank, it is not necessary to launch or activate anything – all you need is a card for online payments.

You do not need to enter the entire password to log into the online banking system – the system asks only for random characters.

After 15 minutes of inactivity, users are automatically logged out by the system.

For mobile banking, we use the following safety and security solutions:

  • transaction authorisation in the mobile application – this method is available for the clients who use the Moje ING online banking system, make transfers on their PC and have the Moje ING mobile application installed; this method and text message code are used alternately.
  • fingerprint login – this option is available for phones with the fingerprint sensor. This login method can be activated upon login to the application.
  • hard daylight limit – the amount threshold by which transfers can be made in the mobile application on a given day. The current limit is PLN 20 thousand.
  • automatic logout of inactive users – after 60 seconds of inactivity, users are automatically logged out by the system.

I am a client

I am a staff member

I represent the market and media

ustawienia
zamknij

Change currency to:

Change :

zamknij

Search results: