Security Tips
Digital Certificate Service Security Tips
1. Please keep your Global MyB2B Digital Certificate (certificate carrier) and Global MyB2B login password safe.
A. Do not use combinations of numbers that are easy to crack as your password (e.g. Unified Business Number, personal ID, date of birth, phone number or consecutive identical numbers).
B. When you apply for related services, please immediately change the Global MyB2B login password and initial password for your Global MyB2B Digital Certificate set forth in the Global MyB2B password letter sent to you by the Bank.
C. Change your passwords frequently and from time to time; especially when there is any suspected password leak, you should report a lost password or change the password immediately. In Taiwan, it is recommended that you change your passwords at least once a year; and for systems in other regions, passwords are required to be changed every three months.
D. Disable the browser "autocomplete" function that remembers usernames and passwords.
E. Do not use your Global MyB2B login password on other non-financial websites.
F. Do not tell anyone your personal passwords.
G. Do not write any password down in conspicuous and easily accessible places.
H. Be alert to your surroundings to prevent being spied on when entering password.
I. Different passwords should be used for different types of transactions to prevent all passwords being cracked in a single incident.
2. To prevent your Digital Certificate from being stolen , please remove it for safekeeping after authorizing a transaction by inserting your card, and do not leave your Digital Certificate on computers .
3. If you lose your Global MyB2B Digital Certificate, please make a request to the Bank immediately to temporarily block (or record a loss of) your Digital Certificate.
A. If you lose your Global MyB2B Digital Certificate, please make a request to the Bank immediately to temporarily block (or record a loss of) your Digital Certificate, in order to prevent misappropriation by others which will harm your interests.
B. You may log into Global MyB2B, and click "Block Digital Certificate Temporarily" under "User Services," or visit one of our branches, to temporarily block (or report a loss of) your Digital Certificate .
4. Please update the antivirus software on your computer and scan virus regularly.
Please install genuine security defensive software (e.g. firewall or antivirus software) on your computer and update virus definitions from time to time to reduce malicious intrusions and skimming of personal information by Trojan Horse (backdoor programs), viruses, worms and other malware.
5. Please use genuine operating systems and software, install the latest security patches for operating systems and browsers, and set a startup password on the computer you use to log into Global MyB2B.
6. When applying for Digital Certificates, customers of the Mainland Subsidiary are required to carefully read the Digital Certificate Services Agreement provided by the China Financial Certification Authority (CFCA), in order to understand their rights and obligations. Please visit the CFCA website ( http://www.cfca.com.cn ) regularly, and download and read the latest CFCA Certification Practice Statement, CFCA Digital Certificate Services Agreement and other related documents.
7. The building and maintenance of the Mainland Subsidiary's online banking system are carried out by the subsidiary's Taiwan parent bank outside Mainland China. The Taiwan parent bank will also take reasonably practicable steps to ensure service security.
Global MyB2B Security Tips
1. Please make sure you log in on https://www.globalmyb2b.com. If you have any questions, please contact one of our branches.
2. This website uses server digital certificates to activate 256-bit Secure Sockets Layer (SSL) encryption. All data transmitted by you via the services provided by this website is encrypted. As all data transmitted via Global MyB2B is done so through 256-bit Secure Sockets Layer (SSL) encrypted tunnels, a yellow padlock icon will appear next to the URL of the Global MyB2B website. Please click the icon to check the certificate information and the validity of the certificate.
3. Do not open emails with attachments from unknown sources and spam should be deleted. Do not log into Global MyB2B through any link in an email or unknown application, or through any Internet search engine. Refrain from installing or executing any software or application from unknown sources, and refrain from sending any personal information or password by email.
4. You should access Global MyB2B by entering its URL ( https://www.globalmyb2b.com ) on the browser or add the URL to My Favorites and then connect to Global MyB2B through the link.
5. Do not open other browsers while using Global MyB2B.
6. Do not use public computers (such as computers available in an Internet café ) or other non-trusted devices or computers to log into Global MyB2B, and do not arbitrarily disclose personal information (e.g. name, ID card number, bank account number, credit card number, and so forth) on the Internet.
7. Remember to leave the webpage by clicking "Log Out" before leaving your seat or after u sing Global MyB2B, and delete all Temporary Internet Files and history in Internet Options before closing all browser windows.
8. Please update your operating system regularly and turn off the share and remote functions of Windows to prevent malware intrusion. When connecting to the Internet, all shared files and printers on the computer should be removed.
9. You should regularly backup important data and check the balance, details and transaction history of your accounts with the Bank. If you become aware of any error or unauthorized transaction, please inform the Bank immediately.
10. To prevent others from spying on or intercepting your network information while accessing Global MyB2B, the system will automatically log you out and end your login session if you do not process any transaction or execute any system operation for a given period (Note) . If this happens, all operations executed and all data entered during the login session prior to the automatic logout will disappear automatically and will not be saved or recorded. You must log in again to reexecute the operations and reenter the data. (Note) A given period: 5 minutes in Vietnam and 10 minutes in other regions.
11. The Bank adopts a two-factor authentication mechanism for customers of the Singapore Branch accessing Global MyB2B. If a user wishes to conduct high-risk transactions (such as transfer and remittance) through Global MyB2B, in addition to logging in with its customer ID, user ID and user password, it must hold the Digital Certificate (certificate carrier) or One Time Password (OTP) issued by the Bank to authenticate its identity when carrying out the transaction in order to enhance transaction security.
12. If you lose your mobile phone or change your mobile number, please inform the branch immediately and carry out follow-up procedures as instructed by the branch.
13. Customers of the Ho Chi Minh City Branch in Vietnam must use OTPs (or OTP tokens) to conduct transactions through Global MyB2B.
14. If your OTP [token] is damaged or lost, or if you change your registered phone number or become a victim of suspected fraud or an actual or suspected hacking attack, please inform the branch immediately and carry out follow-up procedures as instructed by the branch.
15. If you have any questions about your transactions on Global MyB2B, you may seek assistance through the service hotline shown at the bottom of this webpage.
Security Tips for Using OTP
1. Please keep your OTP token safe.
2. If your OTP token is lost, please make a request to the Bank immediately to temporarily block (or record a loss of) the OTP token , in order to prevent misappropriation by others which will harm your interests . To make such request, please call the service hotline at 0800-818-009, and someone will be appointed to assist you.
Tips for Using Corporate Mobile Password
1. If you wish to replace your mobile device, please execute the replace device function to obtain an activation code before replacing the device.
2. If you wish to use the Corporate Mobile Password App through multiple types of mobile devices, you will be required to apply for the Corporate Mobile Password function separately.
Security Tips for Corporate Mobile Password/Global MyB2B App
1. Please do not use pattern passwords or passwords that are easy to crack (e.g. Unified Business Number, personal ID, date of birth, phone number or consecutive identical numbers). Be alert to your surroundings to prevent being spied on when entering password . Do not share your password with others.
2. Please do not leave your mobile phone/tablet installed with your Corporate Mobile Password/the Global MyB2B App unattended or let others use the mobile phone/tablet.
3. Please regularly update your Corporate Mobile Password/the Global MyB2B App to the latest version.
4. Change your login pattern password and Corporate Mobile Password frequently and from time to time.
5. To prevent others from spying on or intercepting your transactions, the system will display an alert message requesting you to restart the transaction if you do not confirm your transaction within 1 minute .
6. The services are only available for download on Google Play or the App Store. Please do not click on any website or application from unknown sources (or install any software other than from Google Play or the App Store). It is recommended that you install antivirus software, and update to and download the latest security patch from time to time, in order to protect your mobile device.
7. The services are not available for use on rooted/jailbroken mobile devices to ensure your account security and prevent data leakage.
8. The use of third-party keyboards is not recommended when filling out sensitive data fields.
9. The services are carried out in accordance with the applicable laws and regulations of local authorities.
Risk Associated with Online Banking Application Environments
Online transactions are not without risks. Please pay attention to the software, hardware and equipment you use while accessing online transaction services, and avoid conducting transactions on network equipment provided in unsecured places (e.g. Internet cafés). Do not disclose any password or other credentials having certain transaction approval functions in environments that are easily accessible by third parties (e.g. writing the password or credentials on a piece of paper and sticking the piece of paper on a computer). The Bank will, from time to time, inform you of the risks associated with online banking application environments in a manner comprehensible to the general public in order to remind you to be aware of such risks.
Website Statement
This statement sets forth the terms relating to the use of our network. All users who browse this website and relevant webpages shall be deemed to accept the following terms. Cathay United Bank Co., Ltd. (hereinafter referred to as “CUB” or the “Bank”) reserves the right to change the information and data contained in such webpages, as well as the terms, conditions and statements shown thereon. Any such change shall become effective upon posting.
Not all users will have access to all products and services. The Bank shall have the right of final interpretation as to whether you are eligible to enjoy specific products and services.
Accessing this website through web links or software not provided by the Bank may involve the risk of entering fake CUB websites. You are advised to access this website by safer means (e.g. entering the Bank's URL directly in the address bar of the browser or clicking the correct URL saved in My Favorites).
Copyright Notice
1. Unless otherwise specified, the copyright to all content of this website, including, among other things, its structure, webpage design, text, images and other information, is held by the Bank. No person may copy, mirror onto any servers other than that of the Bank's website, or otherwise illegally use said content.
2. Any person may only download or use, in the manner permitted by the Bank, the software or files on this website whose copyright is held by the Bank and which are provided to customers for download; no person may copy or use the software or files for other commercial purposes beyond the permitted scope. As for the software or files which are not owned by to the Bank but whose download URLs are provided on this website, the Bank only provides the relevant links for your convenience. All persons shall abide by the terms of use specified by the owners of such software or files when using them.
3. The copyright to the content, images and other such things designed, compiled or produced by this website shall be held by the Bank. Any reproduction or use of such content, images or things by other means shall be subject to the written permission of the Bank, and the source and the Bank's ownership of the copyright must be specified.
4. The Bank may make claims, in accordance with the law, against any unauthorized use of the content of this website without specifying the source and without the Bank's consent, which is in violation of applicable local laws and regulations and in breach of this Copyright Notice.
Trademark Notice
1. The Bank specifies that “Cathay United,” its “tree” shape Logo and other text, graphics and visible marks used to indicate CUB and other Cathay United businesses are commercial marks owned by the Bank.
2. The Bank has the commercial labeling rights and interests in connection with the aforesaid marks and such rights and interests are protected by law. No other person or party may modify, copy or otherwise use such commercial marks without authorization.
3. Any attempt to dilute or defame the aforesaid marks shall be illegal; the Bank may make claims against such attempts in accordance with the law.
Disclaimer
1. Any information (including but not limited to comments, forecasts, charts, indexes, theories, direct or implied instructions) shown on this website is for reference only, and you shall be solely responsible for your own decisions and actions.
All information provided on this website is for reference only. The Bank endeavors to ensure, but does not guarantee, the accuracy of the information provided. In the event of any error and omission, please refer to the information disclosed in the press or on the websites designated by the competent regulatory agency.
The Bank shall not be liable for any losses arising from, or as a result of the reliance on, all or part of the information provided on this website, nor shall the Bank be liable for any losses arising from the inadequacy and incompleteness of any information provided on this website or this website's failure to provide specific information.
2. Internet transmission may be subject to interference, interruption, delay or data errors. The Bank shall not be liable for any inaccuracy or untimeliness of any information or transaction that may be caused by the breakdown of communication facilities beyond the control of the Bank.
3. The information and content provided by other websites whose links are provided on this website are for browsing purposes and reference only. Please make your own determination and judgment regarding the content; the Bank disclaims any liability in this regard.
4. To the extent that local laws contain mandatory provisions on limitation of liability and exemptions, such mandatory provisions shall apply.
Personal Information Collection Policy
1. The Bank and/or the Mainland Subsidiary or Cambodia Subsidiary may collect information, such as Unified Business Number, user ID, user password and payee’s name, to help the Bank resolve issues encountered by customers.
2. Accessing Your Mobile Device
When you use the Global MyB2B App/Corporate Mobile Password, the Bank will need to access your mobile device as follows:
|
Access |
Purpose |
Global MyB2B App |
Corporate Mobile Password |
||
|
IOS |
ANDROID |
IOS |
ADNROID |
||
|
Storage space |
Storage information |
V |
V |
||
|
Album – recent photos |
Private banking services |
V |
|||
|
Album– view photos |
Private banking services |
V |
|
|
|
|
Camera |
Code scanning services for payment/taxation |
V |
V |
||
|
Microphone |
Video identification |
V |
V |
||
|
Call history |
Video identification |
V |
V |
||
|
Bluetooth headphones |
Video identification |
V |
V |
|
|
|
Native mobile biometric authentication: Face ID or Touch ID |
Quick login |
V |
V |
||
|
Background app refresh |
Monitor push notifications in the background Log out of the App automatically in the background |
V |
V |
||
|
Notification |
Receive push notifications |
V |
V |
V |
V |
|
Siri and search |
Default setting; not in use currently (user will not be notified) |
V |
V |
||
|
Network status |
Determine online/offline mode |
V |
V |
||
|
Mobile data |
Whether to use mobile data (users will not be asked) |
V |
|
|
|
l Personal Data Protection Act Notice
l Joint Confidentiality Statement by Cathay Financial Holding Co., Ltd. and Its Subsidiaries
(i) The statement is made in accordance with the Financial Holding Company Act ( 金融控股公司法 ), the Administrative Measures on Co-Marketing among Subsidiaries of Financial Holding Companies ( 金融控股公司子公司間共同行銷管理辦法 ) and other applicable laws and interpretations, and has been posted by Cathay Financial Holding Co., Ltd. and its subsidiaries (hereinafter collectively the "Group") on their websites. The names of the companies which share customer data as referred to in this section are listed in subsection (v) hereof. Any change to the list of subsidiaries due to any change in the Group's organizational structure shall be posted by the Group on the websites of Cathay Financial Holding Co., Ltd. and its subsidiaries.
(ii) All companies of the Group shall collect, process and use customer data in accordance with the Financial Holding Company Act, the Administrative Measures on Co-Marketing among Subsidiaries of Financial Holding Companies, the Personal Data Protection Act ( 個人資料保護法 ) and other applicable laws and interpretations. The Group represents that all subsidiaries sharing customer data have adopted strict confidentiality measures with respect to the collection, processing and use of customer data, and that they shall abide by all applicable laws when doing so. The Group undertakes to share customer data in accordance with the following statement.
(iii) Statement
1. Customer Data Collection Method
Customer data is collected by the Group through marketing activities and transactions in accordance with applicable laws, with customers' consent or based on the express agreement under various contracts and documents executed by customers. Customer data also includes publicly available information, information disclosed by government agencies or lawful information that third parties have the right to provide.
2. Storage and Safekeeping of Customer Data
All customer data obtained by the Group is securely stored on the Group's data warehouse or that which is provided by any third-party host engaged by the Group to manage its information system, and is subject to role-based access control. Customer data may only be obtained and shared in accordance with the data management policy formulated by the Group and to the extent permitted by law. No one may access customer data without authorization.
3. Data Security and Protection
The companies of the Group use SSL encryption or other security measures to protect your personal information. In addition to using secured software and hardware to transmit data, passwords are stored by way of secured protection mechanisms, and a firewall has been installed to prevent unlawful intrusion by third parties or unauthorized use internally.
4. Data Classification, Scope of Use and Individual Items
Customer data refers to the basic information, transaction information and other information related to the customers of subsidiaries. However, the Group may add or remove any classifications or individual items of such data based on the nature of the subsidiaries' business.
(1) Basic information: name, date of birth, unified identity card number, phone number, address, email address, capacity and so forth.
(2) Transaction information and other related information include:
(a) Account information: account number or other number with similar functions, credit (debit) card number, deposit account number, transaction account number, information on deposits, loans and other transactions, financial position and other such information.
(b) Credit information: records of dishonored negotiable instruments, cancellations and account denial, information on business operations and other such information.
(c) Investment information: investees or investments to be sold, amounts involved, time of transactions and other such information.
(d) Insurance information: insurance types, policy term, coverage, payment method and other such information.
5. Data Use
To provide customers with comprehensive and diversified financial management products or services, the Group may share or disclose customer data for the purposes of marketing (including co-marketing) activities or outsourcing operations to third parties, or as permitted by law or the competent authority.
6. Data Recipient
Customer data may only be shared or disclosed among the companies of the Group in accordance with the Financial Holding Company Act, the Administrative Measures on Co-Marketing among Subsidiaries of Financial Holding Companies, the Personal Data Protection Act ( 個人資料保護法 ) and other applicable laws and interpretations. The Group will not disclose or provide customer data to any third parties except for the purposes of outsourcing operations to such third parties.
7. Modification of Customer Data
Customer data may be corrected or modified by notice to any subsidiaries of the Group.
8. Opt-Out Methods
Customers may request the subsidiaries of the Group to stop sharing the customers' information by notice to such subsidiaries. The subsidiaries will stop sharing customer data within three business days of receipt of such notice. If a customer does not wish to receive any messages about financial management and business promotional activities, he/she/it may notify the Group's Customer Service Center, whereupon the Group will stop sending advertising messages to the customer.
(iv) Confidentiality agreement between Cathay Financial Holding Co., Ltd. and its subsidiaries in relation to business information and customer data
(v) List of Companies Sharing Customer Data
Cathay Life Insurance Co., Ltd.
Cathay United Bank Co., Ltd.
Cathay Century Insurance Co., Ltd.
Cathay Securities Corporation Ltd.
Cathay Securities Investment Trust Co., Ltd.
l Cathay United Bank Website Privacy Policy
Dispute Disposition
Singapore Branch
A. The Bank highly values the feedback and recommendations of all customers. If you wish to make a recommendation or file a complaint with respect to the services or products provided by the Bank's Singapore Branch for any reason, you can do so by email, letter or phone to the Bank's Singapore Branch. The Branch will respond to you promptly after receiving your valuable feedback and take all necessary measures to prevent the same issue from being raised by customers again.
B. Contact Channels
(1) CUB Singapore Branch feedback mailbox: 60500@cathaybk.com.tw .
(2) Mailing address: 8 Marina Boulevard #13-03 Marina Bay Financial Centre Tower 1 Singapore 018981 .
(3) CUB Singapore service hotline: (65) 6593 9280.
C. Investigation and Response: After receiving your valuable feedback, the Bank's Singapore Branch will investigate the dispute. Upon conducting a thorough review and investigating the cause of the issue, the Branch will promptly respond and provide explanations to the customer within fourteen business days of receipt of the feedback. If the dispute is too complicated to be resolved within said period, the Branch will first contact the customer to provide explanations and update on the progress, and follow up with a response detailing the results promptly after completing the disposition process.
Mainland Subsidiary
In order to timely and properly handle customer complaints, the Mainland Subsidiary provides complaint channels and adopts procedures as follows:
A. Complaint Channels:
(1)
Business Locations
Visit one of our business locations and complain to the operation officer or
leave us a message by completing our customer feedback form.
(2) Complaint Hotline
- Shanghai Branch: 8th Floor, Foxconn Building, 1366 Lujiazui Ring Road, Pudong New Area, Shanghai, China. Complaint hotline: 8621-68863785#1161
- Qingdao Branch: Rooms 2305-2307, 23rd Floor, Yuanxiong International Plaza, 26 Hong Kong Middle Road, Shinan District, Qingdao, China. Complaint hotline: 860532-55769888#1100
- Shenzhen Branch: Room 2501, Tower A, East Pacific International Center, 7888 Shennan Avenue, Futian District, Shenzhen, China. Complaint hotline: 860755-88663939#1100
(3) Letter
Send a complaint letter by post to the attention of the operation officer of one of our branches. Please refer to the addresses and contact numbers provided above.
B.
Complaint Handling
Procedures
Cambodia Subsidiary
If you have any question or concern, please call us at 023-211 211, or send the Cambodia Subsidiary a feedback form at https://www.cathaybk.com.kh/NG/contact/fdbck. We will do our best to resolve your issue.
Procedures for Notifying Customers and External Parties of Significant Incidents
Information on relevant incidents will be posted on our website.