Security guidance

Online Security

For up-to-date information and general advice on staying safe online, visit ukfinance.org.uk or getsafeonline.org.uk, who offer expert advice for everyone.

Last updated: Current

Protecting you - what B4B Payments does

One of our highest priorities is to ensure your privacy and peace of mind by employing some of the most advanced online security measures in the industry. This section explains the measures we take to protect you and what you can do to protect yourself from online fraud.

Our systems operate on 256-bit secure encryption. Look for the padlock symbol in your browser address bar.

Your login account will be locked out after three failed access attempts. You will need to call us to reset your account.

We will verify your identity before disclosing confidential information over the telephone or resetting your password.

We will never ask you to share your card PIN or any One-Time Passcode (OTP) - by phone, email, or text. If anyone contacts you claiming to be B4B Payments and asks for these, do not share them and contact us immediately.

We do not guarantee the site will be fault free and do not accept liability for any errors or omissions that occur.

Your username and password

Your username and password must be used in order to access certain restricted parts of the site. Your username and password are used by us to identify you. You are responsible for all transactions or communication carried out on the site by anyone using your username and password. Any breach of security of a username and password should be notified to us immediately.

Protect yourself

Never reveal your password to anyone.

Do not use a password that could be easily guessed by someone else.

Change your password immediately if you suspect someone else could know it.

Always log off of your internet session when you have finished viewing your account.

Keep your device updated with current anti-virus software and the latest browser versions.

Do not send us any confidential account information via email.

Treat emails and text messages you receive with caution. We will never ask you to disclose your personal or account information by email or text.

Security notice

All forms and online account pages - those pages that show your information - use 256-bit encryption. Encryption makes your information unreadable to anyone who might intercept it. In addition, a Secure Sockets Layer (SSL) is used to connect your browser to our secure servers.

Current browsers (Chrome, Firefox, Safari, Edge, and Opera) support 256-bit encryption.

Please do not send us any confidential information via email. We will only use email to send you account information such as your account balance and transaction information, or special offers if you have given your consent. We cannot accept any responsibility for the unauthorised access by a third party and/or the corruption of data being sent by individuals to B4B Payments.

Secure Socket Layer (SSL)

A Secure Socket Layer is a commonly used method of managing the security of messages transmitted across the internet and is used by us to connect your computer to our secure server. In most browsers, a small padlock icon appears in your browser address bar when SSL is in use. If you have problems getting to secure mode, ensure you are using a current version of your browser and try the site again.

Update your operating system and browser regularly

From time to time, vulnerabilities are discovered in operating systems and browsers. The publisher will release a patch to correct the weakness. These vulnerabilities are regularly exploited by virus writers and hackers to gain unauthorised access. To check for updates, visit the publisher's website or enable automatic updates.

Use and regularly update anti-virus and firewall software

Anti-virus software should be updated regularly with the latest virus definition files to remain effective. A personal firewall helps protect your computer from unauthorised traffic to and from your device.

For guidance on choosing reputable security software, visit getsafeonline.org.uk.

Keep passwords secure

Passwords are the key to your online accounts. You are strongly advised to use a unique password for all online services - especially those that involve managing money.

Choose passwords that cannot be easily guessed. Avoid children's names, pet names, birth dates, or telephone numbers.

Do not use the same password for different services.

Consider using a reputable password manager to generate and store unique passwords securely.

Security tips

Do not share computers where possible, and disable File and Printer Sharing capabilities to help prevent unauthorised access.

Be wary of opening any unexpected emails with attachments. A common way for a virus to spread is via email. Some viruses send copies of themselves to everyone in the infected device's address book, so the email may appear to come from someone you know.

Email attachments containing a file ending .exe, .pif, or .vbs are commonly used to spread viruses.

Avoid using file-sharing services, as they can expose your device to viruses, trojan horses, and other harmful software.

Keep your B4B Payments session secure

Ensure you enter your password without being seen.

Remember to log out from the cardholder web app and close your browser when you have finished.

Always enter the web address directly or use a saved bookmark. Do not click links in emails or texts as these could take you to a fraudulent website that looks exactly like ours.

Try to avoid using shared public computers, such as those in internet cafes, to access your B4B Payments account.

Keep your mobile device secure

Lock your device with a PIN, biometric, or passphrase.

Keep your phone's operating system and the B4B Payments app up to date.

Avoid using the app on public or shared Wi-Fi networks unless you have a VPN.

Do not install the app on rooted or jailbroken devices.

Keep your emails and messages secure

Email sent through a regular email account is generally not encrypted. Any personal information you include in an email is at risk of being intercepted. Do not send your B4B Payments username or passwords by email to anyone.

The same caution applies to unexpected text messages and phone calls. Fraudsters may impersonate B4B Payments by text or phone. We will never call you to ask for your password, PIN, or a one-time code. If in doubt, hang up and call us on a number from our website.

Never send sensitive information by email or text.

Do not respond to unexpected messages requesting personal information.

Review your internet service provider's email security features, as many now offer virus protection on incoming emails.

Protect yourself offline

Even when you are offline, there is much you can do to protect yourself.

Keep your details safe. Do not share your User IDs, password, or any unique personal identifier with someone else.

Do not supply personal information to anyone over the phone or to a website unless the source has been verified, or you initiated the call yourself. We would never ask for internet passwords over the phone if we initiate the call.

We will never instruct you to transfer funds to a safe account or ask you to move money for security reasons. If anyone claims this, it is a scam - contact us directly.

Review your bank and card statements for any unusual transactions and notify us immediately if you suspect any discrepancies.

Tell us of any changes in your personal details by contacting us.

Store bank details and card details in a safe place.

If you plan to cancel a card or it expires, immediately destroy the card by cutting it in two, through the account number and the magnetic strip.

Be careful of any personal information you discard. Destroy receipts, bank statements, and any bills that contain personal information.

Getting help

For more information on computer security and staying safe online, visit getsafeonline.org.uk or ukfinance.org.uk.

If you suspect your account has been compromised or you have been targeted by fraud, contact us immediately.