The Rock Building Society Limited
Search

Personal

Internet Banking Terms and Conditions

  1. The terms and conditions that apply to internet banking are in addition to the terms and conditions that apply to your account with The Rock Building Society Limited ("The Rock"). Copies of the standard terms and conditions are available at all Rock branches and agencies, or by contacting one of our friendly Customer Service Officers on 1800 806 645.

  2. To use Internet Banking you will need to register for Internet Banking with The Rock.

  3. When you register for Internet Banking you will be issued with an access password.
    Your access password will apply to both Internet Banking and RockDirect phone banking.

  4. It is your responsibility to protect your access password to ensure that no one else can access your accounts. For security reasons do not write down your access password in an undisguised form, or keep it with your account information. Do not disclose your access password to third parties (including family members). You should change your access password on a regular basis to ensure that it is secure (this can be done through Internet Banking). Should you become aware of the loss, theft, or possible unauthorised use of your access password you should immediately change your access password using Internet Banking, or contact The Rock immediately.

  5. For security reasons do not write down your access password in an undisguised form, or keep it with your account information.

  6. Do not disclose your access password to third parties (including family members). You should change your access password on a regular basis to ensure that it is secure (this can be done through Internet Banking).

  7. Do not use internet cafes or public access internet terminals to conduct internet banking or another source where you cannot verify virus protection is current and firewalls are installed. The Rock will not be liable for any unauthorised transactions emanating from your login details being compromised from such a source.

  8. The Rock will NEVER ask you, via email, or telephone, or any other way to divulge your internet banking Access Password. If you respond to such an email purporting to be from The Rock, we will not be liable for any unauthorised transactions emanating from this compromise.

  9. A number of financial services and portal sites offer you the convenience of displaying all your account details on a personalised web page. These sites need your client number and access password to your Rock accounts so that they can interrogate our system and display your details back to you. The Rock can take no responsibility for unauthorised transactions that may arise as a result of you disclosing your client number and access password to other parties. It is your risk if you give your access password to an account aggregation service.

  10. Should you become aware of the loss, theft, or possible unauthorised use of your access password you should immediately change your access password using Internet Banking, and/or contact The Rock.
  11. The Rock is not liable for any loss or consequential damage if you use Internet Banking to access your Rock accounts or to perform transactions on your Rock accounts.
  12. The Rock is not liable for any unauthorised access to account information or transactions processed using Internet Banking prior to your notification to The Rock of the loss, theft or possible unauthorised use of your access password, should you have been reasonably aware of this loss, theft or unauthorised use.
  13. Whilst every effort will made to ensure that the internet banking service is available 24 hours a day, there may be occasions that the service will not be available due to system maintenance, system failure or network problems beyond our control.
  14. If The Rock suspects fradulent activity or unauthorised transactions we will temporarily freeze your Internet Banking access and/or stop payment on the suspect transaction until we can contact you and recieve confirmation satisfactory to us that the transaction may proceed. The Rock will then remove any freeze on your Internet Banking access.

Important Information - it is essential you take the time to read this.

Internet Banking Security Warning

  1. Clients can check that they are linked to The Rock Building Society internet banking by:
  2. Observing the locked padlock symbol located in the bottom right corner of their browser.
  3. Clicking on the locked padlock symbol to check the certificate.
  4. To ensure that no one else can access your account information through Internet Banking, it is important to select a password that is difficult for someone else to guess. For security reasons, do not keep your access password with your account information, or disclose it to anyone else and change it regularly.
  5. It is important to "log-off" from Internet Banking if you are leaving your computer unattended for a period of time. This will prevent unauthorised access to your account information. As an added security precaution Internet Banking will "log-off" automatically after 15 minutes if your Internet Banking session is inactive.
  6. Also we require that you do not use AUTO-COMPLETE to save your passwords. This would allow others to access your account after you have used the computer.
  7. Ensure that you have current anti-virus software and a personal firewall. If you have Windows XP, ensure the Firewall is turned on and also consider installing Windows Defender (free from the Microsoft site) - a very effective anti-spyware program. You should update anti-virus and firewall products regularly (most have auto-update options) and also ensure your "Windows Update" is set to automatic to ensure all critical security patches are downloaded from Microsoft. There is also a government website which features a wide range of information on all types of internet fraud and how to prevent becoming a victim. The site can be found at http://www.staysmartonline.gov.au
  8. Be very wary of installing software or running programs of unknown origin - particularly if downloaded from the internet as this is the principal source of "malicious" programs that pose a serious risk to your personal information.
  9. Do not accept links or redirections from other websites or media for the purpose of logging onto The Rock website, particularly for internet banking. Save our IBank access page in your "favourites" and use this to access.

Phishing and Internet Banking

  1. 'Phishing' is the term used to describe the wide net cyber-spammers use to generate messages asking recipients to reveal personal details or depicting an urgent scenario, offer or event to entice them to click a link. Links can contain dangerous payloads which can not only upload dangerous code to computers but capture personal details.
  2. Some banking websites have been ghosted or 'spoofed' in the past to appear as if they are a real site, you should always check for the https in the address which denotes you are at a secure site. If the site looks strange or different in any way disconnect and report to us immediately.
  3. If you receive an email message from a sender unknown to you or with content unknown - delete it immediately including deleting it permanently from deleted items.
  4. Perpetrators will use immediate alerts or urgent response mechanisms to entice you to reveal details, always confirm any message reportedly from your banking provider with them BEFORE responding even if the message is headed urgent or stresses your banking links or cards will be rendered inactive.
  5. Email spam messaging can contain dangerous payloads in the form of computer viruses that capture personal banking details. If you suspect you have had this occur or suspect your details may have been compromised you should tell us immediately.

Identity Theft

  1. Identity theft is fast becoming a major issue for Australian financial institutions and their customer's funds.
  2. Identity Fraud can take many forms, it can be perpetrated in a number of ways including;
    - Take-over of a valid identity of a customer using valid channels such as Internet banking, Telephone banking, bill payments, account opening, lending applications via remote sources and changing customer contact details.

    - Theft of a valid identity and attempt to open an account in the customer's name using the stolen and sometimes altered documentation.

    - In dealing with possible identity theft issues, The Rock may have to ask for additional proof of identity for certain types of transactions and although this process may cause some inconvenience for the customer, it is an essential action The Rock must take to protect the customer's funds.

  1. Some of the requests that may require heightened proof of identity include:-


    2. - Almost all non face-to-face requests (phone, email, fax etc)

    - Requests to change address (may also require other proof of this change)

    - Third party introduced lending and account applications where original documents have not been sighted by the individual institution.

    - Requests for issue of debit card or internet/phone banking access (particularly over the phone)

How to avoid identity theft

  1. Never carry your identification documents such as your birth certificate or passport in a wallet, case or handbag unless you need them
  2. Ensure you retain personal tax records and other financial documents such as statements and receipts in a secure place.
  3. Destroy or delete your tax file number (TFN) from any documents before throwing them away never quote or give out your TFN unless there is a good reason completing a government tax form or opening an account
  4. Never leave documents such as registration papers, expired drivers' licences, utility bills or spare house keys in the glove box of your car (even locked) as these are all items a would be thief can use to steal your identity
  5. Receipts and other personal information should never be disposed of unless shredded or destroyed
  6. Identity thieves will search through bins for your personal information. Always ensure that documents disclosing your credit card number are destroyed
  7. Always have a locked mailbox to send and receive mail or use a post office box.
  8. Ensure your mailbox is big enough to take large articles so that they can't fall out or easily be taken
  9. Be alert to when your account statements should arrive and card expiry dates and always advise your financial institution immediately if an expected new or reissue credit or debit card or PIN mailer has not arrived
  10. If you suspect mail theft, contact the post office to confirm that your mail has not been redirected to another address
  11. Never reveal personal or account information over the telephone unless you are absolutely certain the person is genuine and YOU initiated the phone call
  12. Identity thieves sometimes trick you into providing your credit card number by claiming that you have won a competition or a holiday don't let this fool you
  13. If you photocopy proof of identity documents, keep them in a safe place.
  14. If you suspect you may be a victim of identity fraud, contact all financial institutions you do business with immediately. Keep records of persons you have spoken to, lodge a report with police and advise your credit reporting agency as soon as possible
  15. Check all your statements and account details regularly following any suspected incident and immediately report to the police and The Rock institutions any instances of misuse of your personal information

Protecting your business or organisation from identity theft

  1. Staff training in detection and prevention of identity fraud is crucial both to assist them to recognise potential signs and understand what to do.
  2. Practice a clean desk policy, ensuing that all customer records and similar are locked away each evening
  3. Ensure that all information on laptops, disk drives and portable storage devices is either encrypted or password protected
  4. Use a locked bag or post office mailbox, identity thieves can steal and alter incoming cheques from customers
  5. Account department validation of all accounts including any online services should be performed daily and regular audits performed on access controls
  6. Ensure you have facilities for secure destruction of sensitive information and never throw customer details into the rubbish
  7. Never divulge customer information to anyone and ensure staff are well trained in privacy legislation and requirements
  8. Law enforcement and government agencies may approach you to request records of customer accounts are produced. Always ensure you check on the legitimacy of the document and if necessary call the issuing department
  9. Tasking your external and internal auditors to regularly review items such as accounts, debtors and customer details can assist to reveal incidents of internal fraud. Ensure early action on any triggers or red flags especially with items such as dormant accounts, statement cycle manipulations or similar
  10. Always practice robust pre-employment screening of your staff - permanent, temporary and contractors
  11. Practice a zero tolerance to fraud by reporting all suspected frauds to the police
  12. More information on on-line safety can be found at Stay Smart Online