BDO Unibank Online Banking Security Policy


Security of your accounts when you bank online with BDO Unibank Online Banking or BDO Unibank Mobile Banking is our top priority and concern. We are committed to safeguard your online and mobile banking transactions with industry-leading security solutions and we adhere to the industry’s best practices to prevent against unauthorized transactions and fraudulent use of your online banking accounts.



User Role and Responsibility


BDO Unibank’s Electronic Banking Services can be used to access your BDO Unibank bank accounts and perform transactions through BDO Unibank Online Banking and BDO Unibank Mobile Banking provided you request to specifically enroll these accounts.


It is important for you to read and understand the BDO Unibank Electronic Banking Services Terms and Conditions that can be found at the login page before you use our online banking website. These governs your use of our online banking facility.


You will be solely responsible for keeping your Security Codes strictly confidential and for your use only, solely for the purpose of accessing the BDO Unibank Online Banking and BDO Unibank Mobile Banking services. In this connection, you should observe the following:


(a)                 change your password regularly especially if you suspect that its confidentiality has been compromised.

(b)                 take all reasonable steps to ensure that your Security Codes are properly safeguarded at all times; and

(c)                 not disclose any details of your Security Codes to anyone.


As a user of our online banking facility, you need to be wary of fraudsters trying to gain access to your accounts and perform unauthorized transactions that may lead to fraudulent activities and financial losses. It is your responsibility to protect your credentials and how you use them.


Safeguard your BDO Unibank online accounts and keep them confidential and private at all times which includes PINs, security tokens, personal details and other confidential data.


Check your bank statements regularly. If you suspect your account has been compromised, or unauthorized online transaction has occurred, change your password immediately and contact us immediately.



Dispute handling, reporting and resolution procedures


You should inform the bank firsthand should you suspect irregularities in your accounts and if you experience difficulties or issues in accessing our application by calling our branch support at +65 62601500. You may also email us or visit our branch to personally report your concern.


Before you report your concerns to us, you should prepare the following:

(a)  clear idea of what your concern is all about

(b)  account and personal details and supporting documents


(c)  how you would like to be contacted, by phone or email, if further investigation will be required

Our technical support will check your concern immediately and provide feedback on status from time to time. If there is security breach, our technical support will investigate further. The status of investigation will be provided as soon as there is relevant information that can be provided. In aid of investigation, our technical support may be asking for additional details that may help resolve the reported concern. You may call or email our branch support if you wish to know the status of your concern .


Security is a shared responsibility. BDO Unibank will not be responsible for any loss due to your negligence.



How to protect yourself from online threats



The following security best practices will help you protect yourself against online threats:


          Change your password regularly. Pick strong and complex passwords that are easy to remember but hard to guess. Never give out your OTP to anyone. BDO Unibank will never ask for your credentials whether through email, SMS, telephone call or social media.


          Log off your online session and clear your browser cache when you are done.

          Protect your personal computer, including without limitation installing antivirus software, anti-spyware and firewall software and keep them updated all the time, removing file and printer sharing especially when they are connected to the internet, not installing software or run programs of unknown origin, and updating operating systems with anti-virus and firewall products with security patches or new versions on a regular basis.


          Delete junk or chain email. Do not open email attachments from strangers.

          Protect your data. Make regular backup of critical data and save it in a secure medium and store it in a safe place. Remember to encrypt your highly sensitive or confidential data to keep it safe when it falls into the wrong hands.


          Do not disclose personal, financial or credit card information to little-known or suspect websites.

          Protect your mobile device. The operating system version of your mobile device shall be updated to the latest version as well as the mobile app that is installed in your device. Never install apps that are not verified safe. Use only the BDO Unibank official mobile banking app. There are malicious apps out there that are just waiting for you to install and get critical information from your device.


          If you suddenly receive an OTP without logging into your account, call BDO Unibank Branch to report the incident. BDO Unibank Online Banking will only send an OTP to your registered mobile number only upon entry of your correct user ID and password. This is a system's way of alerting you that someone might be trying to access your account.


          Never login to your online banking site through a link from an email, instead, type the website’s address manually into your browser.

          Do not use a computer or a device which cannot be trusted.

          Avoid using public computers and connecting to public Wi-Fi when possible. Do not do internet banking using these facilities.



Security Features



To ensure safety of your online transactions, physical and logical security solutions are employed such as firewalls, intrusion detection and protection systems, anti-malware and other transaction security features.

To access your accounts through BDO Unibank’s Electronic Banking Services, you need a User ID, an online password and a SMS OTP or OTP token software for BDO Unibank Online Banking and Mobile Banking.


User ID and Password. You shall nominate your preferred User ID and online password upon enrollment to BDO Unibank Online Banking and Mobile Banking. Your preferred User ID shall be unique to you and when used together with your Password will enable you to access the BDO Unibank Online Banking and Mobile Banking Services. You will be required to change the issued User ID and nominated password immediately upon first login.



Secured Website. Our website uses a 128-bit SSL certificate and can be accessed securely by typing on the address bar of your web browser. To ensure that you are actually accessing our website, double-click the secured padlock at the address bar to verify that,

          the certificate is issued to;

          the owner is BDO Unibank, Inc.

          the certificate validity is current.


Authentication and 2FA. Users are authenticated before they can use the system. User ID and password are required at login. After encoding the user ID and password, One-Time Password (OTP) as a two-factor authentication (2FA) will be required to complete the login process. In the event of interference with your authenticated session, measures are in place to ensure that the session is terminated and the affected transactions are resolved or reversed out. You will be notified of such an incident via email or telephone or SMS when the interference is being encountered.


Mobile App Access. BDO Unibank Online Banking can also be utilized using our mobile app. Simply download the application from Apple’s Appstore for IOS and Google’s Playstore for Adroid devices. Mobile device registration is required before the mobile app can be used. An SMS OTP will be sent to your registered mobile number as the final step. Once your mobile device is registered, you can already authenticate using your user id, password and touch id.


Transaction Authorization. To complete a transaction, an OTP is required. OTP or One-Time Password is a unique 6-character code that is sent only to the registered mobile number in BDO Unibank online banking. OTP can also be generated using the OTP Generator feature in the BDO Unibank Mobile App. The OTP will refresh every 30 seconds. This feature does not require internet connection.


Password Lockout. Password will be locked out after 3 consecutive inputs of wrong password.


Forgot password facility. In the event that you forgot your password and cannot recall it; or your account has been locked out due to maximum invalid login attempts, this facility is available to assist you in resetting your password.


Forgot User ID. The system is also equipped with this facility to assist in the recovery of User ID in case it is forgotten.


Automatic Session timeout. An online session is automatically terminated after 15 minutes of idle time unless the customer is re-authenticated.


Transaction Limits. Minimum and maximum limits on transactions are defined to ensure controls on your transactions. Changes to the set limits on transactions shall be coordinated and approved at the branch.

High-risk transactions. Changes in personal information such as address, mobile number, email address, high-value transactions and enrollment of third-party account shall be done and approved at the branch.


Transaction Alerts. You will receive notifications via email or SMS sent to your registered mobile number for all online transactions performed.


Frequently Asked Questions


  1. How do I retrieve my password if I forgot it or it is locked? To retrieve your password,


  1. Go to https://www,
  2. Click on Forgot Password link.


  1. In the User Details page, Enter User ID
  2. Enter OTP


  1. In the Change Passwords page, Sign on Password, Type the New Password* and Retype New Password*. Take note of the password policy.
  2. Submit.


  1. What is OTP or One-Time Password?


It is used as two-factor authentication when you login to BDO Unibank online banking and authorize your transactions. OTP is a unique 6-character code that is sent only to your registered mobile number in BDO Unibank online banking. OTP can also be generated using the OTP Generator feature in the BDO Unibank Mobile App. The OTP will refresh every 30 seconds. This feature does not require internet connection.


3. What will I do if I encounter “This connection is not trusted.”?


This connection errors occur when you are trying to connect to an SSL-enabled website and your browser is unable to make a secure connection to the website’s server. If you encounter this message when accessing the bank’s online banking website, do not continue, instead cancel it and close your browser. Report and inform us immediate by calling BDO Unibank Branch.


  1. How can I login to my BDO Unibank online banking if I don’t receive SMS? If you don’t receive SMS,


  1. Please click on resend SMS on the transaction window.
  2. If you still can’t receive it, please call our branch to validate your mobile number that is registered toyour account. If not, please update at the branch.
  3. If you are located locally, you may go to our branch to perform your transaction.


  1. Will I receive an OTP if I’m abroad?


Yes, for as long as you enable roaming for your local number.


6. What will I do if I suspect unauthorized transaction in my account?


If you suspect your account has been compromised, or unauthorized online transaction has occurred, change your password immediately and contact BDO Unibank Branch.

Security Alerts


Beware of Phishing Attacks. What is Phishing? Phishing is the act of pretending to be a legitimate, trustworthy entity in order to obtain sensitive information such as usernames, passwords, credit card numbers, and bank account information. It is commonly seen in fraudulent emails which direct the user to visit a specified website. The website, no matter how similar it is to the real website, is not genuine and was set up only as an attempt to steal the user's information.


What to do to protect yourself against phishing attacks


  1. Never provide any account Information via e-mail or other means.


  1. In case the requested information had already been provided, immediately change your password through theBDO Unibank Online Banking website;
  2. Never click on the links provided. To ensure that you are directed to the BDO Unibank website, type in on your internet browser and select Online Banking Log-in.



Protect yourself from Malware or Malicious Software.


Malware, or malicious software, is any program or file that is harmful to you. It gives partial to full control of your computer to do whatever the malware creator wants. The common types of malware includes computer viruses, worms, Trojan horses, adware, rootkit, spyware, etc.


How will you know that your computer is infected with malware?


Your computer is slowing down taking longer than usual to start. One of the malware’s activities is to slow down your operating system whenever you browse the internet or access your computer files or applications. You need to check what is causing the problem and consult an expert if you can’t fix them.


Another indication that your computer is infected is the unexpected pop-ups which appear on your screen or what is called adware or spyware. These malware maybe acquired when you download software from the internet, click on links on your email and as you navigate on the internet.


Your computer may also behave like rebooting many times or you are getting the blue screen telling you that it is recovering from an unexpected shutdown. This is also an indication that your computer is infected. A technical expert is needed to check and fix the issue.


Sometimes, you will be surprised when your friends or colleagues call you to ask if you send them suspicious emails coming from you but you did not send these emails. This is also a sign that your computer is infected with malware.


The saddest and most frustrating is when your files were deleted unexpectedly or your files become encrypted or unreadable. For you to recover your files, you will be asked to install a software and pay for it as a ransom. This software is called ransomware.


There are more indications and symptoms that may indicate that your computer or mobile device is infected by malware. It is important to take care of your computer or mobile device the same way you are protecting yourself for your safety. If you suspect or have a feeling that something abnormal is happening, do investigate and report or ask assistance from proper contacts or authority.

How to protect yourself from Malware


The smartest way to avoid malware is to take precautions to prevent the malware from infecting your computer or device by ensuring that an anti-virus or anti-malware program installed, and that you have it configured it properly. Do not just trust removable storage devices. Scan them with updated antivirus software before you copy any file. These devices commonly spread malware.


Another important way is to change your online behavior. Avoid opening email and attachments sent through any kind of messaging platform from people you don’t recognize or even trust. Do not click on links sent via email or text messages. Make sure that whatever is attached is something you were expecting. Do follow up using another message to confirm the attachment.


It is also important that you update your computer’s operating system and application software regularly more importantly the security updates. Vulnerabilities in the system or software is often hit by the hackers if they can’t penetrate due to the installed antivirus or anti-malware.



Contact us at the following:




20 Cecil Street


#02-06 PLUS


Singapore 049705




Telephone: +65 62601500


Email address





BDO Unibank Online Banking Singapore website :



Banking Hours

Monday – Friday

9:00 AM – 5:00 PM