FAQs FAQ SecureSign

FAQ SecureSign

Introduction

Credit Suisse places great importance on security in Online Banking. Guaranteeing a high standard of security constantly requires us to implement the latest security technology.

The Online Banking login procedure will change.

Thanks to SecureSign, the app login for Mobile Banking will be even quicker and easier. If you have installed the Credit Suisse Direct app and the SecureSign app on the same smartphone or tablet, you will need only your user ID and password to log in. The SecureSign app will ask you to confirm that you are logging in. You no longer need to enter a code manually.

In the previous Online Banking, in the "Client Center," you will find the option for enrolling under "My Profile."

In the new Credit Suisse Direct Online Banking, you can enroll in SecureSign under "More" in your settings.

Please contact our support center to enroll in SecureSign over the phone.

Private Clients
0844 800 888 / +41 844 800 888

Monday to Friday: 8:00 a.m. – 10:00 p.m.
Saturday and Sunday: 9:00 a.m. – 4:00 p.m.

Corporate Clients
0800 881 188 / +41 800 881 188

Monday to Friday: 7:30 a.m. – 5:30 p.m.

Once you have registered, you will receive an activation letter in the next few days by mail. It will contain your personal activation image for completing your registration. Please note that once you have registered for SecureSign you have a 30-day grace period until you can no longer use the SMS or SecurID security procedure.

Yes, use of the SecureSign authentication process, including the SecureSign app, is free of charge.

  • Total security – state-of-the-art encryption technology makes banking as secure as possible
  • Offline usability – available anytime, anywhere – even without an internet or phone connection
  • Multi-device capability – access the app on up to eight different devices with one contract
  • Simple – log in quickly and conveniently

In order to use more than one device for login with your user ID, you can add more devices in the previous Online Banking after logging into your profile under "SecureSign." You can find instructions here.

In the new Credit Suisse Direct Online Banking, you can add more devices under "More" in your settings.

After adding a device, a new login is required in order to set it up. For this, you need your personal activation image that you received by mail.

In order to set up an additional contract on a device, you must request SecureSign for it.

To add the contract to your device, please follow these steps:

  • Go to the settings for the SecureSign app (gear wheel at the top right) and click at the bottom on ”Add new app account.”
  • Start Online Banking and enter the user ID of the contract and your password.
  • Perform the set-up as usual.

You can access up to eight contracts with a SecureSign app.

Instructions on how to set up SecureSign with two mobile devices can be found here.

No. SecureSign is merely an improved login procedure or additional security feature. Login, as previously, can be done via your PC (browser), your tablet, or your mobile phone.

Credit Suisse cares about our environment. The SecurID contains a battery that does not belong in your household garbage. As soon as you have successfully activated SecureSign, you can dispose of your SecurID as follows:

Take the SecurID to an electronics recycling center, just like you do with other defective or no longer usable devices such as TVs or kitchen appliances.

Requirements

To use SecureSign, you need a smartphone or tablet (e.g. iPad) with a camera and current operating system.

We currently support smartphones and tablets using the Android or iOS operating systems in the versions below:

Operating System

Manufacturer/Device
Android 4.4 and higher e.g. Samsung, LG, Google Nexus
iOS 8 and higher Apple iPhone 4s and later

Yes, if you have a tablet on which the SecureSign app is installed and set up. Currently, SecureSign requires a smartphone or tablet, either made by Apple (iOS operating system, version 8 or higher) or a maker of Android devices (Android operating system, version 4.4 and higher).

We do not currently offer SecureSign for the Windows Phone operating system.

We strongly advise against the use with such devices, as "jailbreaking" and "rooting" lower the overall security of your phone. The use of devices with "jailbreaking," "rooting," or similar operating system manipulations is done under the sole responsibility of the user.

No, the SecureSign app is available from Apple's App Store and the Google Play Store outside Switzerland as well.

Internet access is required only for the initial download of the SecureSign app. Afterwards, the method operates without a telephone or internet connection, so it can be used abroad or in locations with weak mobile phone coverage.

Please note that you still need an internet connection for Online Banking or the Credit Suisse Direct app itself.

To determine the device ID of a device, go to the SecureSign app settings (gear wheel at top right). In the Settings, the device IDs are shown in a list.

You will find more information on the "Management of SecureSign" page in your Online Banking. You can find the page in the previous Online Banking in the Client Center under "My Profile" and then "SecureSign," or in the new Credit Suisse Direct Online Banking in the settings under "More." The activation date and the device type are used for identification.

Your personal activation image never expires, thus enabling you to activate additional devices for use with the SecureSign method at a later date if needed.

Note: Keep your activation letter in a safe place and make sure that no one can access your personal activation image.

If you lose your activation letter, call our support center to request a new one.

Private Clients
0844 800 888 / +41 844 800 888

Monday to Friday: 8:00 a.m. – 10:00 p.m.
Saturday and Sunday: 9:00 a.m. – 4:00 p.m.

Corporate Clients
0800 881 188 / +41 800 881 188

Monday to Friday: 7:30 a.m. – 5:30 p.m.

Smooth out the letter, and try to scan it again with the SecureSign app under good lighting conditions. If repeated attempts continue to fail, please contact our support center. You may need to request a new activation letter.

Private Clients
0844 800 888 / +41 844 800 888

Monday to Friday: 8:00 a.m. – 10:00 p.m.
Saturday and Sunday: 9:00 a.m. – 4:00 p.m.

Corporate Clients
0800 881 188 / +41 800 881 188

Monday to Friday: 7:30 a.m. – 5:30 p.m.

Utilization

The multi-colored image displayed in Online Banking is valid for one minute.

To receive a new SecureSign image in Online Banking, you need to go to the Online Banking homepage and re enter your user ID and password.

iOS and Android security settings prevent restoration of the previously activated SecureSign app. The device must be reactivated after restoration. You can add a new or additional device yourself in Online or Mobile Banking. To do so, you need a device that has already been set up. If you no longer have such a device, please contact Support. You will then be able to set up SecureSign for the new/additional device in the usual way. For this, you need the activation letter with your personal activation graphic.

After resetting your smartphone or tablet, you will need to reactivate the app using your personal activation image.

Transaction signing refers to the confirmation of certain transactions through the additional entry of a code. Transaction confirmation is used when changing passwords, adding a new device, or entering payments. When you submit a payment order that our system classifies as unusual, you are requested to scan a SecureSign image. The details of the payment are then displayed in the SecureSign app for you to review. If you want to approve the payment, you must enter the displayed code.

When you make payments that are not classified as unusual by our system, we generally do not ask you to confirm them.

If you have SecureSign set up on another device, log in using this and add another device. You can find instructions here.

If you have not set up a second device, download the SecureSign app again in the Apple App Store or the Google Play Store, then contact our support center.

Private Clients
0844 800 888 / +41 844 800 888

Monday to Friday: 8:00 a.m. – 10:00 p.m.
Saturday and Sunday: 9:00 a.m. – 4:00 p.m.

Corporate Clients
0800 881 188 / +41 800 881 188

Monday to Friday: 7:30 a.m. – 5:30 p.m.

In order to be able to use the SecureSign app, the camera authorizations for it must be activated. After selecting the SecureSign app, the authorizations can be issued in the iPhone/iPad settings under "Camera".

If you have lost your smartphone or tablet, you should deselect it for Online Banking. If you have another device set up, you can do this in the previous Online Banking under "SecureSign" in your profile or in the new Credit Suisse Direct Online Banking in the settings under "More."

If you do not have another device set up to log in with, please contact our support center.

Private Clients
0844 800 888 / +41 844 800 888

Monday to Friday: 8:00 a.m. – 10:00 p.m.
Saturday and Sunday: 9:00 a.m. – 4:00 p.m.

Corporate Clients
0800 881 188 / +41 800 881 188

Monday to Friday: 7:30 a.m. – 5:30 p.m.

Security

The SecureSign app is secured through specially created methods against possible attacks. In the case of fully independent devices such as the SecurID, the device itself is hardly vulnerable to attacks, but the communication between the SecurID and the Online Banking servers is vulnerable to "man-in-the-middle" attacks. During these attacks, a hacker tricks a user into believing they are on the official Online Banking page of the bank and thus fraudulently obtains the user ID, the password, and the SecurID code. The SecureSign app is armed against "man in-the-middle" attacks, since unusual transaction information, such as the beneficiary, is displayed for review and confirmation (transaction signing).

The SMS security procedure is less secure, because there is malware that can forward the SMS, for instance.

No, there is no personal information stored in the SecureSign app.

The SecureSign app requires access to the camera to scan. "Telephone" access is also required, so that the app can be paused when a call is received.

The SecureSign app and the Credit Suisse Direct app are two apps protected independently of each other and hardened using state-of-the-art processes which meet the highest security standards. Communication between the two apps is fully encrypted at all times.

The mobile-to-mobile procedure has been verified by independent security companies and rated as secure.

In order to make login more convenient, the option of storing login data was created. The decision to store security elements / login data or not is done under the sole responsibility of the user.

Existing security procedure (SMS and SecurID)

No, multiple authentication methods cannot be used in parallel.

We have not provided for a way to revert back to previous authentication methods.