Security Information
Cybersecurity principle
Cybersecurity is our top priority. We will ensure that your personal data will be protected against unauthorized or accidental access, processing or erasure. We maintain this commitment by implementing appropriate physical, electronic and managerial measures to safeguard our information systems. We will strengthen these measures on a continual basis. We will also increase the cybersecurity awareness of our staff through internal training and customers through publishing security information in our website.
Data Security
- Security is our top priority. We will ensure that your personal data will be protected against unauthorized or accidental access, processing or erasure. We maintain this commitment to data security by implementing appropriate physical, electronic and managerial measures to safeguard and secure your personal data.
- The secure area of our website supports the use of 256-bit Transport Layer Security (TLS) encryption technology - an industry standard for encryption over the Internet to protect data. When you provide sensitive information, it will be automatically encrypted before being securely dispatched over the Internet.
- Our web servers are protected behind "firewalls" and our systems are monitored on an ongoing basis to prevent any unauthorized access.
- We will take all practical steps to ensure that personal data will not be kept for longer than is necessary and that we will comply with all statutory and regulatory requirements in the Hong Kong Special Administrative Region concerning the retention of personal data.
Security Assurance
- Both you and us play an important role in safeguarding against online fraud.
- We endeavor to put in place high standards of security to protect your interests.
- You should be careful that your account details (including your user name and password) are not compromised. You should ensure that you do not knowingly or accidentally share, provide or facilitate unauthorized use of such details. Do not share your user name or password or allow access or use of your user name or password by others.
- You should safeguard your user name and password and keep them secret and confidential. Never write them down. We will never ask you for your password given that you should be the only person who knows it.
- When choosing your user name and password, do not use easily identifiable information such as your birthday, telephone number or a recognizable part of your name.
- If you think your user name or password has been disclosed to another person, is lost or stolen or an unauthorized transaction has been conducted, you are responsible for informing us immediately.
Ways to stay safe online
- Using our online services
Be alert when using our online services. When using our online services, you are advised to type our website address https://www.bocpt.com directly into the browser address bar, or use our mobile application "BOCPT MPF" downloaded from Google Play or Apple Store. We will not call or email you asking for login information (including user name and password). In addition, you should NOT disclose such account information and your personal information to any third-parties. You are being reminded NOT to access our online service through any third-party platforms such as websites, mobile applications, or any other financial management software/platform, or through other access points to log in our online services, or disclose your user name and password to such third-party platforms. You must understand such third-party platforms can obtain your financial information and transaction records. They may also misappropriate your personal information and may conduct unauthorized activities. Our company shall not be responsible or liable for any impact or loss due from this kind of activities. If you have used any third-party platforms to log into our online services, we strongly recommend you to change your password as soon as possible to protect your personal information. - Get the Latest Anti-Virus, Anti-Spyware and Firewall Software
Download updates regularly to make sure you are protected against any new online threats. - Internet browser
Browsers that meet basic security requirements:
- Microsoft Internet Explorer (version 11 or above)
- Google Chrome (version 88 or above)
- Mozilla Firefox (version 85 or above)
NOTE: We always recommend using the latest version of Internet browsers. - Security protocol of Internet browser
Use those Internet browsers that support security protocol TLS 1.1 or above. Do not use unsecure security protocols such as SSL 2.0, SSL 3.0 and TLS 1.0. - Try Not to Use Wi-Fi Connection in Public Areas
Using Wi-Fi connection in public areas will expose your mobile device or computer to attack. If network connection is necessary in public areas, using mobile data connection (e.g. 4G LTE) will be much safer. - Update Your Internet Browser
The newest versions have built-in protection against fake websites and viruses. Always check for the latest version and update as soon as possible. - Choose A Memorable Password but One That’s Hard to Guess
Passwords that combine letters, numbers and symbols are generally harder to guess. - Use A Different Password to the One You Use for Other Services
Try to separate your passwords for different services. For example, you may use one password for online banking but another password for MPF account access. - Change Your Password on a Regular Basis
It is a good idea to change your password regularly, say monthly, bi-monthly or quarterly. - Never Disclose Your Password
We will never ask you for your password. If you receive a call or an email from someone claiming to be from BOCI-Prudential Trustee Limited and ask you for password, please ignore it and contact us immediately. In addition, please DO NOT disclose or store your user name and password to any third-party platforms such as websites, mobile applications or any financial management software/platform. - Do Not Let Your Browser Remember Your Log on Details
It is much safer to reenter your details every time you log on, even if it takes slightly longer. Storing browser history may give a greater chance for hackers to unveil your login details. - Look after Your Paper Statements
Fraudsters can use information on paper statements to steal someone’s identity. You should always tear up your statements before throwing them away or shred them using a shredding machine. - Learn to Spot Fake Emails and Websites
Criminals use them to cheat people to give away passwords and other personal details – the technical word is ‘phishing’. Study every email carefully. The rule-of-thumb is not to open any suspicious email.
Try to install internet security software that gives proper protection to your computer and/or mobile device while surfing online and/or using mobile apps.