Online Security

Protection For Every Customer

Built in for all banking users

These safeguards apply automatically to every online banking customer. There is nothing to enable and no extra cost.

Encryption end to end

Everything you send and receive is protected with strong encryption, in transit and at rest, so your information cannot be read by anyone but you and the bank.

Multi-factor sign-in

A password alone is never enough. Every login is confirmed with a second step, so only you can reach your account - even if a password is exposed.

Automatic sign-out

If you step away, your session ends on its own after a short period of inactivity, protecting your account on shared or unattended devices.

24/7 fraud monitoring

Our systems watch account activity continuously and flag anything unusual, so suspicious transactions can be caught and stopped quickly.

The Security Of Our Systems

Secure by design, tested by default

Keeping the systems that hold and move your money safe is our highest technical priority. Our defenses are layered, monitored, and independently tested.

Layered Defenses

Firewalls, network segmentation, and intrusion detection separate public services from the systems that hold sensitive data.

Least-Privilege Access

Our staff can reach only what their role requires. Privileged access is restricted, logged, and protected with multi-factor authentication.

iii

Independent Testing

Our platform is regularly scanned for vulnerabilities and tested by independent security specialists, with findings tracked to resolution.

Continuous Monitoring

Critical systems are monitored around the clock. Security events are logged centrally and analyzed to detect threats early.

Resilience & Recovery

Backup and disaster-recovery arrangements are designed to keep services available and restore them quickly if disruption occurs.

Trained People

Every employee completes ongoing security training and is bound by strict confidentiality and acceptable-use obligations.

Stay Safe Online

Recognizing and Avoiding Phishing

Phishing is when fraudsters use fake emails, text messages, calls, or websites that look genuine to trick you into revealing passwords, card numbers, or one-time codes. These simple habits keep you protected.

Check the web address carefully - watch for misspellings or unusual domains before you sign in.
Don't click links or open attachments in unexpected or suspicious messages.
Never share your password, PIN, or one time codes with anyone — not even staff.
Use a strong, unique password and change it from time to time.

Keep your device, browser, and anti-virus software up to date.
Avoid banking on shared or public computers and open Wi-Fi networks.
Reach our site by typing the address yourself or using a saved bookmark.
Log out fully and close your browser when you finish banking.

Know It's Really Us

What We Will Never Do

Fraudsters impersonate banks to trick you into revealing details. Knowing our boundaries helps you spot them. When in doubt, stop and contact us directly using the details below.

Our genuine online banking address begins with https:// and shows a padlock in your browser. It is https://online.bcbtci.com. Always check the address carefully before signing in.

Ask for your full password, PIN, or one-time codes by email, text, or phone.
Email you a link asking you to "verify" or "reactivate" your account.
Threaten to close your account if you don't respond immediately.
Ask you to move money to a 'safe account' for protection.
Request remote access to your computer or phone.

If Something Seems Wrong

Report It Immediately

If you think your account has been compromised, or you've received a suspicious message claiming to be from us, contact us right away using a number or address you know is genuine. Don't act on instructions in the suspicious message.

Your security is our responsibility.