State Bank of India with its over 200 years of service to the nation embodies safety, trust and integrity.
We have always woven these values into our relationship with customers. Internet banking is one more effort to add value to the relationship.
Internet banking facility offers convenience of extended hours banking to its customers. In terms of the Code of Fair Banking Practice,
we notify you on the characteristics of Internet Banking.
- What is the Disclosure about?
- The debate about how secure the Internet is, has not settled down. We would therefore say that the Internet banking channel
comes with risks inherent to the Internet arena. Smart users world over have found ways to manage these risks. Banks worldwide have
moved their customers to the Internet with enormous gains in efficiency and service quality. It is the customer who gains.
This is exactly what we want for our customers. To come back to the question of risks, good practice suggests that the users
should evaluate risks, appreciate and balance the criticalities and the convenience which Internet banking offers. SBI has put in place
secure and effective systems to mitigate the risks from the bank's end. We seek a little effort from your side, in maintaining this as
a safe and secure channel. We want our customers to appreciate the risks realistically and mitigate them at their end.
This includes proper handling of Username and passwords and the overall safety of the system at the user end.
- Security Aspects
- SBI's Internet banking channel is protected by advanced security features, both physical and logical.
SBI has considered various risks inherent in transacting over a public network such as the Internet, and has deployed appropriate
security measures to protect customers. Firewalls allow only valid web traffic to reach our server. Proven 256-bit Secure Socket
Layer (SSL) encryption technology is deployed to ensure that the information exchanged between your computer and
https://retail.onlinesbi.sbi over the Internet is secure and cannot be intruded upon. 'VeriSign' certifies that information exchanged
during a valid session is protected during its transmission over the Internet. Additionally, the bank has installed mechanisms
such as Intrusion Detection Systems.
- Availability of Internet Banking Service
- The customers' accounts are opened and maintained in the Bank's Core Banking Solution (CBS), which does not function on 24*7 basis. Internet Banking merely provides, for the convenience of the customers, certain types of viewing and / or transacting access to such accounts. Access to account(s) is allowed in the prescribed manner during the availability of the CBS.
- Some of the services in Internet Banking are extended in conjunction with Other Source Systems (OSS) within or outside the Bank, which may or may not function on 24*7 basis. Such services will be available only when the OSS are functional. Availability of Internet Banking is also dependent upon availability of the network. In addition, Internet Banking will not be available during downtime.
- Standing Instructions / Scheduled Transactions are executed during the day after 8 AM on the respective due dates, and the time taken to execute depends upon the workload on the various systems like Internet Banking, CBS and OSS.
- Services offered
- Onlinesbi is an alternative channel for our customers and provides most of the services available at branches. Financial services such as fund transfers, third party payments, bill payments, opening bank accounts, closure of loan account, loan part payments, PPF transactions and issue of demand draft can be done through this service. Non-financial services such as viewing account information, request for cheque book, creating standing instructions and the like are enabled through this channel.
- Control measures
We have set up the following operational and control measures for Onlinesbi customers:
- Access to Internet banking is provided only on registration.
- The UserID and password generation is conducted in a secure environment and its distribution is automated.
- UserID and password are printed on tamper-proof stationery and mailed separately to the customers. Alternatively, UserID is sent by SMS and the password is sent through postal mail/ courier. UserID and password are also made available in person from the home branch .This reduces risks.
- Change of UserID and password on the first log on is mandatory.
- All correspondence on the service is sent to the address registered at the branch.
- Customer logins and activities are tracked and archived for future reference.
- Customer can fix the limits on the monetary value of transactions, which they desire to carry out over this service. The customer alone can modify this.
- For certain categories of transactions, second factor of authorization, such as a One Time Password, is required.
- Precautions
To enhance the security in conducting banking and other transactions, it is recommended that customers adopt the following practices. These are not special to SBI site. Banks world over expect their customers to do this much in mutual interest.
- Username and password allow entry to the internet banking site. Smart users avoid typing these on the keyboard while someone is close by.
- Maintain different passwords for Login and for Profile.
- Do not leave your computer unattended while you're connected to retail.onlinesbi.sbi.
- It is advisable to change your password if you believe that anyone has managed to get access to it. Using 'untrusted' systems for banking transactions is best avoided.
- Please log off from https://retail.onlinesbi.sbi and close the browser window after you have finished your session. Improper logging off will leave the connection between your machine and https://www.onlinesbi.sbi active for some time.
- Avoid writing down your Username and password in your diary or such place, which can be accessed by others.
- It is not a good idea to let the computer 'remember' your Username and password.
- Never divulge your Username and password to others.
- Do not access OnlineSBI if your computer device is not free of malware.
- Errors
- Periodically check your account statements. Any error in account statements should be reported to the bank immediately.