Service
1. Access the Customer Area
BBVA Personal offers you various channels to access your data, such as the bbva.it website, the App, or the BBVA Line.
BBVA takes the following steps to verify your identity:
- Website: you will need to identify yourself with your username and your complete password.
- App: allows different access methods, such as using a username and password, or by using biometric identification techniques (such as fingerprint or facial and iris recognition).
- BBVA Line: you will need to provide part of your password, but never fully, and this information will only be requested from you.
2. Last Access
BBVA informs you of the date and time of your last access to your Customer Area. Go to bbva.it, Customer Area, and you will be able to view it.
In the App, you can consult it through the menu, in the "Security and privacy" section.
To ensure that only you can access it, we recommend that you:
- Do not share your password with anyone
- Contact BBVA if you do not recognize the data of the last access to your Customer Area.
3. Chiusura della sessione
For the safety and protection of your data, if BBVA finds that you are not browsing and that you have left the session open, it will close it so that no one else can access your information, warning you in advance with a message.
4. User credentials
BBVA stores your passwords in an encrypted format by generating a code that is saved in specialized user and identity management systems, so that no one can obtain your password or decrypt it.
When you enter your password on the login page, it is encrypted and the result compared with the saved code, allowing you to verify that the password was entered correctly.
As for your credentials, follow these recommendations:
- Although passwords do not expire, change them if you think they may have been compromised.
- Use passwords that are difficult to decipher by combining numbers, uppercase, and lowercase letters.
Se hai dimenticato la password per accedere alla banca online, puoi recuperarla in questo modo:
Dal pc, vai su: Accedi > Credenziali di accesso > Recupera credenziali di accesso > Ho dimenticato la password > Avanti e segui la procedura.
Dall’app, aprila e clicca su Hai dimenticato la password? E segui la procedura.
Per creare una password nuova, assicurati di avere a disposizione:
- Il tuo nome utente BBVA.
- Il tuo cellulare per ricevere il codice di sicurezza via SMS.
- Il codice PIN della tua Carta di Debito BBVA o le credenziali SPID per confermare l'operazione.
5. PSD2: what does it entail?
Every 90 days maximum, BBVA will ask you for 2-factor authentication (numeric code that arrives via SMS on your smartphone) or in case you request information on products or movements dating back more than 90 days.
6. Authentication, two-factor authentication, and transaction signing
BBVA is based on three safety factors: one element of knowledge, one of possession, and one of inherency to ensure that it is indeed you carrying out all the operations. To do this, we will always use at least two of these three factors:
- Knowledge (Something that only the user knows): per esempio le tue password usate per l’autenticazione.
- Possession (Something that only the user owns): for example, your smartphone, on which you will receive an SMS with a random code that can be used only once. It is used to sign transactions.
- Inherency (Something the user is): per esempio la tua impronta digitale, il tuo viso o l'iride. Using them will allow you to access digital channels.
7. Account blocked
Only if strictly necessary and to protect the security of your data, the account you use to access digital channels may be blocked in the following cases:
- If you repeatedly enter wrong passwords that do not match your account.
- If we detect abnormal behavior on your behalf, as a preventative measure.
Technology
1. Privacy and integrity
- User passwords: All BBVA customer passwords are saved and encrypted through an irreversible algorithm and, according to BBVA procedures, no operator will ask you for your complete passwords.
- Communications: Communications from services and digital banking are encrypted using the SSL protocol for privacy and integrity.
Furthermore, confidential communications that take place on BBVA's internal networks are protected with specific protocols.
- Data: The data stored in BBVA's systems and databases are protected by various security systems that allow access only to authorized employees.
At BBVA, data protection has top priority. For this reason, the processing of personal data takes place in accordance with the current legislation on data protection. In addition, security measures are taken to ensure the privacy of any information exchange between the customer and the bank.
2. Data privacy
In the Security and Privacy section of the App, you can control how BBVA uses your data, manage it, download it, and review the protection policy.
In the same section, you can check for what purposes the App needs access to the resources of your mobile phone (camera, microphone, contacts, etc.).
3. Safety tips
In the Security and Privacy section (App and web), you can find news, tips, and advice on security that may be useful to you.
4. Security of data processing centers
BBVA's data processing centers are equipped with the highest security measures for the protection of data processing systems, which include, inter alia, the following:
- Operational sustainability in the Tier IV Gold data center.
- Individual access control to the premises and to the various technical rooms, equipped with systems for detecting dangerous elements.
- A team of people in charge of surveillance and video surveillance cameras around the perimeter and interior of the structures 24 hours a day, 7 days a week.
- Specific detection and protection systems for access control, fires, floods, power outages, and other catastrophic events.
In addition, with two fully operational data centers, BBVA guarantees data recovery should the need arise.
5. Monitoring
BBVA has monitoring systems with a team of specialists who work 24 hours a day, 7 days a week, to identify possible fraud against customers.
Recommendations for the user
Credential protection
- Use passwords that are difficult to decipher by combining alternating numbers, uppercase, and lowercase letters.
- Passwords are secret; do not share them with anyone and change them regularly.
- Do not write your passwords on cards or notebooks; memorize them or use a password manager.
- On shared computers or if connected to public Wi-Fi networks, do not enter your login credentials in any online service, and do not provide personal data such as postal address, telephone number, etc.
- Avoid entering your personal information on a website that you have accessed via email. If you know it, we recommend that you log in by typing the address directly into your browser.
- Do not use the "autocomplete/remember password" option in your browser. When enabled, passwords you enter on a website are stored on your computer, which means that, when you re-enter your username, the password field is automatically filled in. This option on a shared computer may allow someone to use your personal passwords.
- Remember that BBVA will never ask you for your bank details or passwords via email, SMS, or instant messaging platforms such as WhatsApp, so do not provide this information through these channels. If you receive a request, please contact BBVA to verify it.
Device protection
Before starting to surf, increase the security of all your devices (PC, mobile phone, tablet…) and keep your operating system, browser, and applications updated.
- Always use up-to-date versions of the browser downloaded directly from the original website to make sure there are no security holes. You can also set up automatic updating whenever a new version is available.
- Make sure you are using a trusted DNS server (the one provided by your Internet service provider, or one that is recognized internationally, such as 8.8.8.8 or 1.1.1.1).
- Make sure the set-up screen for your Wi-Fi router is protected by a strong password. This will help to prevent hackers from manipulating the DNS server list on this device.
- Install an antimalware program and keep it updated. Both traditional antivirus and antimalware browser extensions protect you while browsing and alert you in case of anomalies.
- Similarly, we advise you to verify documents received from external sources with an antivirus program, always up-to-date and operational.
- Make regular backup copies of your files so you can recover them in the event of a device malfunction or a ransomware attack.
- Non collegare dispositivi esterni di origine dubbia o sconosciuta, come una chiavetta o un hard disk, ai tuoi dispositivi.
- Download programs and applications from official sites only.
- Set the screen lock or enable a password or biometric login on all your devices to prevent third parties from accessing them.
Safely surfing the Internet
- Evita di navigare su siti web importanti o su cui utilizzi dati personali (enti bancari, organismi pubblici, servizi medici, ecc.) da computer pubblici o di altre persone, perché potrebbero essere infettati da malware.
- When accessing a website, make sure the URL is the official one. If in doubt, use a search engine to confirm that the address is valid.
- Check your browser and antimalware software warnings: they notify you of any circumstances that may go unnoticed. Pay particular attention to warnings that a website is not secure (does not start with https://) or that the URL does not match that of the website's SSL digital certificate.
- Be wary of sites that ask you to provide data or to authenticate yourself in an unusual way.
- In the Cybersecurity section of bbva.it, you can find out more about current cyber attacks, as well as discover some security tips to protect yourself from them.
Request your physical or virtual BBVA Debit Card with a Dynamic CVV at no cost by opening the BBVA Online Account.
You might be interested
-
The main objective of a cyber attack is the financial benefit. To achieve this, there are different types of attacks aimed at stealing the confidential information of individuals and companies.
-
Spyware is one of the most common cyber attacks that any Internet user can fall victim to. It can endanger your personal information.
-
Vishing is a type of phishing carried out by cybercriminals through phone calls or messages left in your voicemail in order to obtain your personal data.