FAQs FAQ SecureSign

FAQ SecureSign

Introduction

SecureSign is a security procedure for logging in or performing security-relevant activities, in which you are shown an image that only you can decipher and confirm. The SecureSign app is used for the decryption.

Credit Suisse places great importance on security in Online Banking. Guaranteeing a high standard of security constantly requires us to implement the latest security technology.

SecureSign can be used for logging into Online Banking, as well as on most other Credit Suisse channels with a login.

The Online Banking login procedure will change.

If you use the Mobile Banking app, then you benefit from secure app-to-app communication and no longer need to enter a SecureSign code manually.

Thanks to SecureSign, the app login for Mobile Banking will be even quicker and easier. If you have installed the Credit Suisse Direct app and the SecureSign app on the same smartphone or tablet, you will need only your user ID and password to log in. The SecureSign app will ask you to confirm that you are logging in. You no longer need to enter a code manually.

In the previous Online Banking, in the "Client Center," you will find the option for enrolling under "My Profile."

In the new Credit Suisse Direct Online Banking, you can enroll in SecureSign under "More" in your settings. In other channels, you can enroll in SecureSign in the settings.

Please contact our support center to enroll in SecureSign over the phone.

Private Clients
0844 800 888 / +41 844 800 888

Monday to Friday: 8:00 a.m. – 10:00 p.m.
Saturday and Sunday: 9:00 a.m. – 4:00 p.m.

Corporate Clients
0800 881 188 / +41 800 881 188

Monday to Friday: 7:30 a.m. – 5:30 p.m.

Once you have registered, you will receive an activation letter in the next few days by mail. It will contain your personal activation image for completing your registration. Keep this letter in a safe place, so you can register future devices.
Please note that once you have registered for SecureSign you have a 30-day grace period until you can no longer use the SMS or SecurID security procedure.

Yes, use of the SecureSign authentication process, including the SecureSign app, is free of charge.

  • Total security – state-of-the-art encryption technology makes banking as secure as possible
  • Offline usability – available anytime, anywhere – even without an internet or phone connection
  • Multi-device capability – access the app on up to eight different devices with one contract
  • Simple – log in quickly and conveniently

In order to use more than one device for login with your user ID, you can add more devices in the previous Online Banking after logging into your profile under "SecureSign." You can find instructions here.

In the new Credit Suisse Direct Online Banking, you can add more devices under "More" in the Settings under "SecureSign."

After adding a device, a new login is required in order to set it up. For this, you need your personal activation image that you received by mail.

In order to set up an additional contract on a device, you must request SecureSign for it. As soon as the activation letter for the new contract arrives, you can complete the activation.

You can access up to eight contracts with a SecureSign app.

Instructions on how to set up SecureSign with two mobile devices can be found here.

No. SecureSign is merely an improved login procedure or additional security feature. Login, as previously, can be done via your PC (browser), your tablet, or your mobile phone.

Credit Suisse cares about our environment. The SecurID contains a battery that does not belong in your household garbage. As soon as you have successfully activated SecureSign, you can dispose of your SecurID as follows:

Take the SecurID to an electronics recycling center, just like you do with other defective or no longer usable devices such as TVs or kitchen appliances.

You can also take the SecurID to a Credit Suisse branch for disposal.

Requirements

To use SecureSign, you need a smartphone or tablet (e.g. iPad) with a camera and current operating system.

We currently support smartphones and tablets using the Android or iOS operating systems in the versions below:

Operating System

Manufacturer/Device
Android 4.4 and higher e.g. Samsung, LG, Google Nexus
iOS 8 and higher Apple iPhone 4s and later

Yes, if you have a tablet on which the SecureSign app is installed and set up. Currently, SecureSign requires a smartphone or tablet, either made by Apple (iOS operating system, version 8 or higher) or a maker of Android devices (Android operating system, version 4.4 and higher).

If you do not have one of these devices, please contact our support center.

Private clients
0844 800 888 / +41 844 800 888

Monday to Friday: 8:00 a.m. – 10:00 p.m.
Saturday and Sunday: 9:00 a.m.—4:00 p.m.

Corporate clients
0800 881 188 / +41 800 881 188

Monday to Friday: 7:30 a.m. – 5:30 p.m.

We do not currently offer SecureSign for the Windows Phone operating system.

We strongly advise against the use with such devices, as "jailbreaking" and "rooting" lower the overall security of your phone. The use of devices with "jailbreaking," "rooting," or similar operating system manipulations is done under the sole responsibility of the user.

No, the SecureSign app is available from Apple's App Store and the Google Play Store outside Switzerland as well.

Internet access is required only for the initial download of the SecureSign app. Afterwards, the method operates without a telephone or internet connection, so it can be used abroad or in locations with weak mobile phone coverage.

Please note that you still need an internet connection for Online Banking or the Credit Suisse Direct app itself.

To determine the device ID of a device, go to the SecureSign app settings (gear wheel at top right). In the Settings, the device IDs are shown in a list.

You will find more information on the "Management of SecureSign" page in your Online Banking. You can find the page in the previous Online Banking in the Client Center under "My Profile" and then "SecureSign," or in the new Credit Suisse Direct Online Banking under "More" in the Settings under "SecureSign." The activation date and the device type are used for identification.

Your personal activation image never expires, thus enabling you to activate additional devices for use with the SecureSign method at a later date if needed.

Note: Keep your activation letter in a safe place and make sure that no one can access your personal activation image.

If you have stored your mobile phone number as a security feature, the link "No active Device for SecureSign" will appear on the login page with the SecureSign image. Follow this process to request a new activation letter.

Smooth out the letter, and try to scan it again with the SecureSign app under good lighting conditions.

If the image will not scan, you can request a new activation letter online if you have stored your mobile phone number as a security feature. The link "No active Device for SecureSign" will appear on the login page with the SecureSign image. Follow this process.

If these options do not work, please contact our support center. You may need to request a new activation letter.

Private Clients
0844 800 888 / +41 844 800 888

Monday to Friday: 8:00 a.m. – 10:00 p.m.
Saturday and Sunday: 9:00 a.m. – 4:00 p.m.

Corporate Clients
0800 881 188 / +41 800 881 188

Monday to Friday: 7:30 a.m. – 5:30 p.m.

Utilization

The multi-colored image displayed in Online Banking is valid for one minute.

To receive a new SecureSign image in Online Banking, you need to go to the Online Banking homepage and re enter your user ID and password.

By providing your mobile phone number, you are ensuring that you can set up a new SecureSign device if your activated SecureSign device is no longer available.

You can also use this procedure to request a new activation letter.

iOS and Android security settings prevent restoration of the previously activated SecureSign app. The device must be reactivated after restoration. You can add a new or additional device yourself in Online or Mobile Banking. To do so, you need a device that has already been set up.

If you no longer have a device on which SecureSign is activated, then you can log into Online Banking using your user ID and password. On the page with the SecureSign image, follow the link "No active Device for SecureSign.“

If you have not provided a mobile phone number as a security feature, this link will not be available to you. In this case, please contact our support center.
You will then be able to set up SecureSign for the new/additional device in the usual way. For this, you need the activation letter with your personal activation image.

After resetting your smartphone or tablet, you will need to reactivate the app using your personal activation image.

Transaction signing refers to the confirmation of certain transactions through the additional entry of a code. Transaction confirmation is used when changing passwords, adding a new device, or entering payments. When you submit a payment order that our system classifies as unusual, you are requested to scan a SecureSign image. The details of the payment are then displayed in the SecureSign app for you to review. If you want to approve the payment, you must enter the displayed code.

When you make payments that are not classified as unusual by our system, we generally do not ask you to confirm them.

If you have SecureSign set up on another device, log in using this and add another device. You can find instructions here.

If you have not set up a second device, download the SecureSign app again in the Apple App Store or the Google Play Store and follow the link "No active Device for SecureSign" on the login page with the SecureSign image.

If you have not provided a mobile phone number as a security feature, this link will not be available to you. In this case, please contact our support center.

Private Clients
0844 800 888 / +41 844 800 888

Monday to Friday: 8:00 a.m. – 10:00 p.m.
Saturday and Sunday: 9:00 a.m. – 4:00 p.m.

Corporate Clients
0800 881 188 / +41 800 881 188

Monday to Friday: 7:30 a.m. – 5:30 p.m.

If you no longer have a device on which SecureSign is activated, then you can log into Online Banking using your user ID and password. On the page with the SecureSign image, follow the link "No active Device for SecureSign."

If you have not provided a mobile phone number as a security feature, this link will not be available to you. In this case, please contact our support center.

Private clients
0844 800 888 / +41 844 800 888

Monday to Friday: 8:00 a.m. – 10:00 p.m.
Saturday and Sunday: 9:00 a.m.—4:00 p.m.

Corporate clients
0800 881 188 / +41 800 881 188

Monday to Friday: 7:30 a.m. – 5:30 p.m.

In order to be able to use the SecureSign app, the camera authorizations for it must be activated. After selecting the SecureSign app, the authorizations can be issued in the iPhone/iPad settings under "Camera".

If you have lost your smartphone or tablet, you should deselect it for Online Banking. If you have another device set up, you can do this in the previous Online Banking under "SecureSign" in your profile or in the new Credit Suisse Direct Online Banking under "More" in the Settings.

If you no longer have a device on which SecureSign is activated, then you can log into Online Banking using your user ID and password. On the page with the SecureSign image, follow the link "No active Device for SecureSign."

If you have not provided a mobile phone number as a security feature, this link will not be available to you. In this case, please contact our support center.

Private clients
0844 800 888 / +41 844 800 888

Monday to Friday: 8:00 a.m. – 10:00 p.m.
Saturday and Sunday: 9:00 a.m.—4:00 p.m.

Corporate clients
0800 881 188 / +41 800 881 188

Monday to Friday: 7:30 a.m. – 5:30 p.m.

Security

The SecureSign app is secured through specially created methods against possible attacks. In the case of fully independent devices such as the SecurID, the device itself is hardly vulnerable to attacks, but the communication between the SecurID and the Online Banking servers is vulnerable to "man-in-the-middle" attacks. During these attacks, a hacker tricks a user into believing they are on the official Online Banking page of the bank and thus fraudulently obtains the user ID, the password, and the SecurID code. The SecureSign app is armed against "man in-the-middle" attacks, since unusual transaction information, such as the beneficiary, is displayed for review and confirmation (transaction signing).

The SMS security procedure is less secure, because there is malware that can forward the SMS, for instance.

No, there is no personal information stored in the SecureSign app.

The SecureSign app requires access to the camera to scan. "Telephone" access is also required, so that the app can be paused when a call is received.

The SecureSign app and the Credit Suisse Direct app are two apps protected independently of each other and hardened using state-of-the-art processes which meet the highest security standards. Communication between the two apps is fully encrypted at all times.

The mobile-to-mobile procedure has been verified by independent security companies and rated as secure.

In order to make login more convenient, the option of storing login data was created. The decision to store security elements / login data or not is done under the sole responsibility of the user.

Existing security procedure (SMS and SecurID)

No, multiple authentication methods cannot be used in parallel.

We have not provided for a way to revert back to previous authentication methods.