Safe internet banking

Getting access to your security details may enable third parties to view your account information and probably use it for illegal purposes. Be aware that protecting your security details is your responsibility.

  1. Always use the ING provided I-Dentity Card and ING I-Dentity Reader, or use mToken with mPIN (via Inside Business App). When using other readers, your (m)PIN may be retrieved and misused.
  2. Your (m)PIN is strictly confidential and for personal use only. Employees of ING will never ask for your (m)PIN. Neither via the internet, nor via e-mail, nor by telephone or otherwise. Your (m)PIN is the key to your account. Never disclose your (m)PIN to other people!
  3. Never write down your user ID and (m)PIN. Make sure nobody is watching when you key in your (m)PIN or your user ID on the screen.
  4. Lost your ING I-Dentity card or smartphone with IB App installed on it? Or do you suspect a third party knows your (m)PIN? Inform ING immediately to prevent misuse. To report theft or loss you can contact your helpdesk, or contact the 24/7 available security desk Alarm and Communication Centre ING +31(0)88 464 2224 (local rate / for InsideBusiness users).


Phishing: be suspicious of a fraudsters attempt to acquire your security credentials

A phishing attack is an online fraud technique used by criminals which involves sending official-looking e-mail messages with return addresses, links and branding that all appear to come from legitimate banks, retailers, credit card companies, etc. Such e-mails typically contain a hyperlink or QR code to a malicious website and mislead account holders to enter user ID and security details under the pretence that security details must be updated or changed or in order to prevent blocking of your bank account. Your (personal) information and credentials can be used to steal account information or create fraudulent transactions. Never click on the hyperlinks in such e-mails.

It is important that you are suspicious of anyone asking for your security or account information. ING staff will never enquire after your security credentials. Neither via the internet, nor via e-mail, nor by telephone or otherwise. Never give your security credentials to other people!


Be careful when using the internet

More and more often criminals use internet websites to persuade you into revealing confidential information, or to tempt you into downloading and running malicious software. Always be aware of this risk when you are working on the internet.

Any file you download from the internet may be infected by a virus, even if it is just a funny movie, a nice picture or a good PDF paper or article. Starting downloaded executables and so called freeware may compromise the security of your computer. Never install software which you have downloaded or received via e-mail, unless you are certain about its origin and integrity.

In case of doubt, contact your system administrator or IT helpdesk.


Starting and closing ING internet banking services

Starting ING internet banking:

  • Check the URL in the address bar of your browser. This should say: or
    If this is not the case, do not continue; you do not have a secure connection with ING. Please contact ING’s helpdesk.
  • Once logged on, check whether the displayed last logon date and time is in line with your actual last logon. Any discrepancy in this is an indication of fraudulent use of your credentials and must be reported to the bank immediately.
  • Click on the 'closed padlock’ icon in the address bar of your browser. Information on the secure connection is shown. Check whether the Secure Socket Layer (SSL) certificate is issued to ING.

Ending an internet banking session:

  • When you are done with your banking activities, always close the active session properly by clicking on ‘Log out’; otherwise someone else can misuse your still active connection with the bank.
  • If you have downloaded or opened a report or another kind of document, a copy has been stored on your hard disk. Make sure you clear your browser cache afterwards.
  • Close all browser windows.
  • Remove your ING I-Dentity Card from your ING I-Dentity Reader immediately after closing ING internet banking and store it in a safe place. This way you can be sure it will not be abused.


Do not leave your computer unattended

When you leave your computer unattended while you are logged in to ING internet banking, others can take advantage of the situation. Do not leave your computer unattended or lock your computer.


Check before you sign a transaction

Check the amount and beneficiary of the transaction before authorising. If you process a large number of transactions via ING internet banking, we advise the use of an accounting or ERP system. Within ING internet banking applications, the validity of the transactions can be verified by using the ‘hash check’ functionality.

When authorising your order you can check if it has been modified in ING internet banking. When importing transactions you can request a so called ‘hash check’. This is an extra method of checking whether your file was modified (the check provides no guarantee). You can contact your helpdesk if you need more support with using this functionality. 


Prompt checking of correspondence

Always check news and advices sent to you by the channel and immediately notify the bank for any discrepancies.

More information on access means for login and authorisation.