This policy is applicable to all employees of the Bank, Head office and its branches and its vendors.
Bank customers' sensitive personal data i.e. biometric data, passwords and financial information such as bank account details, credit and debit card details shall be protected by BANK by following reasonable security practices and procedures. For this, Bank has:
A. Recognize that its first priority is to avoid causing harm to individuals, which means:
Bank shall use customers' personal data only for the purpose for which it is collected. Bank is committed to ensuring that personal data is kept strictly confidential. However, personal data may be disclosed to regulatory authorities for the purposes of obtaining regulatory approval in accordance with applicable legal requirements, or otherwise to comply with applicable legal requirements.
Customer’s data shall be retained as per senior management Directives and Regulatory Standards (RBI directives)
Bank shall continuously review and asses the quality and completeness of thchange.
All staff handling personal data shall receive training in the requirements of data protection related laws and regulations. They shall also be educated about the legal consequences of intentional / unintentional disclosure /leakage of customers' data.
As per Information Systems security policies and procedures implemented in the Bank, Bank has implemented administrative, physical and technical safeguards to protect electronic personal data from loss, misuse and unauthorized access. Customers’ personal data shall be stored on a secured database. Bank shall not sell personal data to any third party or anybody and shall remain fully compliant with confidentiality of the data as per law. Bank shall share customers’ personal data to third party if required for business purpose only after implementing adequate controls to ensure maintenance of confidentiality and security of the data by the concerned third party.
It is recommended that each process of OTP validation shall have auto read facility of OTP in the Mobile application. Whenever the OTP send to the customer, mobile app shall auto populate the OTP in the required field instead of entering by keypad.
It is recommended that; the Mobile Application can have an ability to identify the “SMS forwarding Apps” as well as “Remote Access Apps” installed on the User’s handset. Based on the “AppID” of these kind of Apps, Mobile App shall restrict the users to access the login to the application if user have installed the listed apps.
SMS vendor should have Call back facility available to verify the status of SMS send from our end, also SMS vendor have “SMS Delivery receipt check” to know the delivery status of the SMS forwarded from our end.
Mobile banking Application shall have ability to read/detect Installed Application on user’s device and upload it on bank’s secure server for keeping safe track of existing applications. App shall prohibit/restrict Mobile Banking Application usage incase of any listed application with likes of remote access applications and sms forwarder applications is detected. By agreeing to terms within Mobile banking application and written consent form undertaken from user during opting mobile banking feature it will be considered user have provided affirmative consent for all above mention disclosures.
This Privacy Policy describes how Mobile banking app collects, uses, and protects the information you provide when using the SMS autofill feature in our services.
Mobile banking app may collect and process the following information: SMS Content: Mobile banking app may access and analyze the content of SMS messages to provide autofill suggestions for relevant information such as OTPs (One-Time Passwords) or transaction details.
Metadata: We may collect metadata associated with SMS messages, such as sender information, timestamps, and message status.
Usage Data: Mobile banking app may collect data related to your use of the SMS autofill feature.
Improving Autofill Accuracy: We use the information collected to improve the accuracy and relevance of autofill suggestions provided to you.
Security and Fraud Prevention: We use the information to enhance the security of SMS autofill and prevent fraudulent activities.
Sharing of Information: Bank does not share your SMS autofill data with third parties except as described in this Privacy Policy or with your explicit consent.
We retain SMS autofill data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law.