Security and Fraud

How we protect customers

Your money matters to us. We want to keep it safe.

What we do to guard your money

Here’s how we try and keep your cash, and security details, from harm.

Our fraud guarantee works to protect you and your money when you bank with us, whether that's online, via the app, over the phone or in branch.

If you happen to fall victim to fraudulent activity, we guarantee to refund your loss as long as you've not acted fraudulently, you've taken reasonable steps to keep your details safe and taken sufficient care to check that the person or company you are dealing with are genuine.

How we help

However you choose to bank with us, you can be sure you are protected. Our fraud prevention methods include:

  • We use advanced technologies and specially developed fraud detection systems to spot unusual activity on your account
  • We use verification codes and security tokens as they provide you with an additional layer of protection when you bank online and make payments
  • We also use a timed logout system on our online banking service. This means that after a certain period of inactivity, you will be automatically logged out of online banking
  • We use a secure automated message service to contact you if we're worried about a payment you've issued.

When paying someone new we will check that you're confident about who you are paying. We'll do this by guiding you through tailored information about the type of payment you're making. If you don't want to continue or you're unsure about making the payment, you'll have the option to cancel it and contact us to discuss your concerns.

How you can protect yourself

We are proud to have signed up to the Contingent Reimbursement Model, a voluntary code that aims to offer our customers better protection from Authorised Push Payment (APP) scams.

An APP scam happens when you are deceived into transferring funds (through Faster Payment or CHAPS) to someone, or you transfer funds for what you believe is a genuine purpose, and this turns out to be fraudulent.

We do everything we can to keep your money safe and secure. However, there are common threats that you can be aware of and some simple steps you can take to help protect yourself from fraud.

If you are asked to make a payment, it is your responsibility to make sure the request is genuine before you authorise it. Please be aware of seemingly random requests to move money, or requests that are from people or companies you haven't dealt with before. If this happens, it is often a sign that you are being tricked.

Each situation will be assessed on an individual basis. However, we are not likely to refund you if:

  • You have not adhered to the security requirements set out in the terms and conditions of your account
  • You've not exercised all due care and diligence to check that the person or company you are dealing with is genuine
  • You fail to keep your card and PIN safe
  • You fail to keep your online and telephone banking passwords safe. It's important that you never tell anyone your verification code
  • You fail to let us know as soon as possible of any security breach or potential security problem, e.g. the loss of your card
  • You have provided us with incorrect payments instructions
  • You have not exercised all due care and diligence when allowing an authorised Third Party Provider (TPP) access to your account
  • You have acted fraudulently.

If you believe you are a victim of fraud, contact us immediately.

Remember that a genuine bank or organisation will never contact you randomly to ask for your PIN, full password or to move money to another account as part of an investigation.

Don't give out personal or financial details unless it is to use a service that you have signed up to, and you're sure that the request for your information is directly related.

What is two-factor authentication?

When you’re completing certain actions on your account, e.g. setting up a new payment, you’ll need to enter your password, 6-digit security code and a verification code we will send to you by text message or email. It’s important that you never tell anyone your verification code. There are also situations that may need you to enter a verification code, for example viewing your statements, transactions or accessing your planned payments.

Visa Secure

Visa Secure is the new name for Verified by Visa and adds extra security to online card payments.

Before a payment is approved at the checkout, you may be asked to enter:

  • Your full Visa Secure password
  • A one-time passcode that we will send to your UK mobile number via text message.

We’ll send each unique, one-time passcode to the mobile number that is registered on your smile bank account — so it's important we have a mobile number registered for you, and that this number is kept up-to-date.

To register for Visa Secure

For current accounts, call us on 03457 212 212

For credit cards, call us on 0345 600 6000

Monday to Friday 8am to 6pm and weekends 9am to 5pm or find out more

How do I update my contact number and/or email address?

You can update your contact number or email address in a number of ways.

Using our mobile banking app:

  1. Log in to our mobile banking app
  2. Tap 'More' in the bottom right corner while you're on the main accounts screen
  3. Tap 'My settings and details'
  4. Tap 'Personal details'
  5. Tap 'Edit' on the phone number or email address you'd like to update
  6. Once updated, tap 'Save'.

We'll ask you to verify the change by using your fingerprint, passnumber, or Face ID.

Using online banking:

  1. Log in to online banking
  2. Visit your ‘My details’ and select ‘Change your contact details’
  3. You can change your email address or contact number in the fields provided.

You’ll need to enter your password, 6-digit security code and a verification code we will send to you by text message or email. It’s important that you never tell anyone your verification code. When changing your contact details, we will send a verification code to the mobile number or email address we currently have for you, not your updated details.

Automated Messaging Service

In the course of protecting you from fraudulent activity, we may contact you by telephone, text message or email using our automated messaging service. This enables us to swiftly find potentially fraudulent payments made on your account and halt fraud at the earliest stage we can.

How do I know if a text asking me to confirm a transaction is from smile?

If we have a working mobile number for you and need to check suspect activity on your account, we may send you an automated text message. When you respond, we’ll know if you made the transaction or not.

This text will:

  • Include details of your transaction
  • Ask you to respond by text 'yes' or 'no', to confirm if you made the transaction.

We will never ask you for any personal or security details via a text message and we will never include a link in a message that asks you to login to our online banking login page. If you receive a text message asking for this, it is not from smile - do not respond.

Remember we will never ask you to provide verification codes or token codes over the phone.

If you have any concerns about a text message - do not respond. Always stop and think. Please do not attempt to call back the phone number from which you received the text message, instead, contact us.

Please also forward any scam texts or emails claiming to be from us to ihaveseenascam@co-operativebank.co.uk

For more information regarding the cost of text messages, please contact your mobile network provider.

How do I know if an automated call is from smile?

If you do get an automated call from us, we’ll clearly say who it is for and proceed through the following steps:

  • We’ll verify who you are
  • Give you some information regarding your recent payments
  • Ask you to confirm, through the use of your phone’s keypad, if you made the payment
  • End the phone call, provided you are the one who actually made the payments - if you didn’t, we’ll promptly connect you to one of our advisors.

If we can’t get hold of you, we may leave you a voicemail message, text message or email asking for you to get in touch with our customer service team.

You can call them on +44(0)345 401 9127 or +44(0)345 355 2430. (Call charges)

How can I tell if an automated call or text message isn’t from smile?

Our automated phone call, text message or email messaging services will not ask you for any of the following information:

  • Your account numbers or card details
  • Your telephone or online banking login, or other sensitive information
  • Your PIN or verification code.

We will also never ask you to:

  • Call a telephone number that isn’t one of our dedicated Caller Line Identification (CLI) numbers - these numbers are +44(0)345 401 9127, +44(0)345 355 2430
  • Click on a link within a text message or email which asks for you to input your online banking login details, or any other security details.

If you’re worried that a call, text, email or social media message you have received is fraudulent - or you fear you may have revealed your banking or security information - please contact us as soon as possible.

Call charges for automated messages

Text message responses regarding Automated Text Alerts are charged at the standard rate by your provider. If you are replying from abroad this cost may be higher. For further information on text message costs, please contact your network provider.

Visa Secure is the new name for Verified by Visa and adds extra security to online transactions. When shopping with a participating retailer, before a payment is approved at the checkout, you may be asked to enter:

  • Your full Visa Secure password
  • A one-time passcode that we will send to your UK mobile number via text message.

We’ll send each unique, one-time passcode to the mobile number that is registered on your smile account— so it's important we have a mobile number registered for you, and that this number is kept up to date.

Need to register for Visa Secure or forgotten your password?

For current accounts, call us on 03457 212 212

Monday to Friday 8am to 6pm and weekends 9am to 5pm.

For credit cards call us on 0345 600 6000 or more information.

We use the latest technology to guard your cards from fraudsters and keep your payments extra secure.

Chip and PIN

Keeping your security details safe

Chip and Personal Identification Number (PIN) technology is arguably the most effective way to keep your credit and debit card secure. As long as you keep it confidential.

Chip and PIN technology works by checking the PIN you enter against the chip on the card. So no-one can use it except you, providing you keep your security details safe and secure.

Changing your PIN

If you believe someone knows your PIN, or you need to change it, then visit a Co-operative Bank cash machine and change your security details from there.

Find a cash machine

Lost or stolen card

If your card is lost or stolen, then it's important to report it to us as soon as possible. Please contact us immediately:

+44(0)345 600 6000 (call charges).

We'll cancel your account and help to reduce the risk of fraudulent activity by sending out a new debit/credit card and PIN in the post.

If there's a transaction on your statement you don't recognise, please contact us immediately:

  • +44(0)3457 212 212 - for current account customers
  • +44(0)345 600 6000 - for credit card customers
  • +44(0)3457 213 213 - for business banking customers

When banking online, we go to great lengths to keep you protected. Here’s how we do it.

What we do to keep you safe

Protect your money

When paying someone new we will check that you’re confident about who you are paying. We’ll do this by guiding you through tailored information about the type of payment you’re making. If you don’t want to continue or you’re unsure about making the payment, you’ll have the option to cancel it and contact us to discuss your concerns.

Encryption technology

To help keep your identity and financial information protected, we use up-to-date encryption technology to prevent unwanted users from accessing your private information.

Fraud detection systems

We employ various forms of fraud detection and frequently check your account(s) for suspicious activity. We also utilise verification codes to protect your account when you set up a new payment online.

New Payees

When paying someone new we will check that you’re confident about who you are paying. We’ll do this by guiding you through tailored information and providing the option to cancel it and discuss your concerns. We’ll also check the name of the person or business you’re paying when setting up a new payee in the app or online banking.

Secured login

When you use our online or mobile banking services, you will have to follow our registration process. This helps us make sure it is you registering for and accessing the service and not an imposter.

Timed log-out

Logged in to online banking but haven’t done anything for 10 minutes? We’ll log you out.

Report fraud

Scams can be sophisticated. If you fear you’ve fallen victim to fraud, call us immediately on:

Please note, calls to these numbers will be charged. See call charges.

Report a scam or potential scam

Call 159 — this service quickly redirects you to your bank, so you can report scams and suspected fraudulent contact.

Find out when you should call 159

Fraudsters will sometimes send fake emails claiming to be from trusted organisations. If you suspect a smile email of being a scam, please let us know by forwarding it to ihaveseenascam@co-operativebank.co.uk

Along with other UK banks, we have made a commitment to UK finance and the FCA to protect our customers from fraud. View our approach to fraud prevention (PDF).

Verification codes

We use verification codes as an additional layer of security when you’re doing things like logging in to online banking, making online banking payments or setting up new payees.

To make sure it’s always you using your online banking account and nobody else, we’ll either send your code as a text message or in an email. You then need to follow the instructions online to enter the code.