We use cookies to make your browsing experience better. Agree and share a cookie with us!

Customer support
Contacts

Security in digital space

What you should consider when contacting the bank remotely

To call the bank or receive a call from the bank

If you have called the bank’s official telephone number (the conversation is recorded) we may ask for the following information for the authentication purposes:

  • Internet-bank login (yet we will never ask for the internet-bank password)
  • Code from the code calculator (yet we will never ask for codes from the code card)
  • Serial number or code calculator
  • Personal ID
  • Name, surname / corporate name
  • Contact information (e-mail address, postal address, telephone No.)
  • Information about transactions / used bank’s services
When receiving a call from the bank you should never disclose the information as follows:
  • Internet-bank password;
  • Full numbers of the code card or calculator;
  • Card number;
  • Expiry date embossed on the card;
  • PIN code;
  • CVV2 code or the three-digit code printed on the reverse on a white strip, adjacent to the signature.
If you have any suspicions, please, contact us by calling +371 67 17 1880, writing to info@luminor.lv.

Furthermore, there are some recommendations on online security you should read through.
 

To write to the bank or receive an SMS

SMS are sent in situations as follows:

  • If you have activated a text message on card account transactions;
  • As additional security element to approve internet-bank transactions (if using a code card)
  • If any payment for the bank’s services is overdue;
  • To inform about the bank’s campaigns and product offers;
  • To receive the cash withdrawal service through ATM

To write to the bank or receive an email

As so many people worldwide are using e-mail it has become one of the principal targets of cyber criminals.
 
E-mail messages, which are ostensibly sent on behalf of the bank, often are used for quite a different purpose - to obtain the information about the bank’s customer (user’s ID data, passwords, code cards) for its further malicious abuse. Most frequently such e-mail messages represent the following: 

  • E-mail message contains a request to send all required ID tools (user’s ID data, password and codes from the code card/calculator) to a certain e-mail address;
  • Informative letter containing a link to be visited. After visiting the link the customer is offered to save it, yet the website does not open. After saving the link there is likelihood for downloading some or other malicious software, whose purpose is to find out the customer information.
 
Never disclose the following information through E-mail:
  • Internet-bank password;
  • Full numbers of the code card or calculator;
  • Card number;
  • Expiry date embossed on the card;
  • PIN code;
  • CVV2 code or the three-digit code printed on the reverse on a white strip, adjacent to the signature.
Please, remember that the bank will never request any customer information required for the use of e-bank services.  
If you have received a suspicious letter, please, immediately contact us by calling +371 67 17 1880, writing to info@luminor.lv.

More information about “phishing”.

To write to the bank or receive a WhatsApp message

When using WhatsApp you should never disclose the information as follows:

  • Internet-bank password;
  • Full numbers of the code card or calculator;
  • Card number;
  • Expiry date embossed on the card;
  • PIN code;
  • CVV2 code or the three-digit code printed on the reverse on a white strip, adjacent to the signature.
Article about the attack on WhatsApp​.

To write to the bank or receive a Facebook message

When using Facebook you should never disclose the information as follows:

  • Internet-bank password;
  • Full numbers of the code card or calculator;
  • Card number;
  • Expiry date embossed on the card;
  • PIN code;
  • CVV2 code or the three-digit code printed on the reverse on a white strip, adjacent to the signature.

Online card payments

Secure use of payment cards.

How to protect your data in Internet bank?

To avoid a situation where your internet-bank and payment data falls into the hands of ill-wishers:

  1. 1Do not trust any internet-bank links received through e-mail. Always enter the internet-bank address manually - https://ib.dnb.lv – or select “Internet-bank” from the DNB’s webpage www.dnb.lv
  2. If anyone asks you to tell your passwords through e-mail or telephone, do not even consider doing it!
  3. Upon entering your internet-bank, always make sure that you are on the right webpage
  4. Internet-bank must open in a new tab
  5. Online address must begin by https://ib.dnb.lv
  6. The key displayed by the browser must be locked:

If you are using Internet Explorer browser you will find the key on the right side of the address bar

If you are using Mozilla Firefox browser, the key will be placed on the left side of the address bar

How to securely terminate your internet-bank session

Always after using your internet-bank click “Exit” in the upper right corner.

To enhance the security we recommend:

  1. After the internet-bank session close the used tab or browser.
  2. Delete the cache files from the browser. Usually it can be done by opening the internet browser, selecting Tools – Options. For example:  in case of Internet Explorer: Tools - Internet Options - General – Browsing history - Delete

In Mozilla Firefox browser: Tools – Options – Advanced – Network – Cached Web Content – Clear now

In Google Chrome browser: Settings – History – Clear browsing data

What are the internet-bank security elements?

Login name
Login is your username to enter your internet-bank. It consists of figures, remains unchanged during the entire period you are using the internet-bank and must be entered every time you are using your internet-bank.

Login password
When using internet-bank, after entering your login name you also use your login password (if you have a code card or Digipas GO 3 code calculator). Users of code cards and GO 3 code calculators will be asked to enter their login password to replace the internet-bank password.   
 
Code card

Code card represents a plastic card with 36 reusable codes to enter your internet-bank, approve payment orders, change passwords or conduct other internet-bank transactions. Every time when a code will be required your internet-bank shall indicate the sequence number of code from the code card. Do not use the code card to jot down your passwords or login!

As from 01.04.2017 all code card holders have additional security solution, i.e. SMS code. SMS code is a 5-digit combination, which is free of charge sent to the code card holder’s mobile telephone to:

  • Approve outgoing payments above EUR 30 outside DNB;
  • Approve online purchases made by card (3D Secure payment);
  • Add a recipient to the list "My fast payments" in the Mobile bank and to the Whitelist;
  • Execute the Standing Order, e-Invoice Standing Order (Direct Debit) agreements.

Code calculator

Code calculator is a special security device that enables the user’s identification in internet-bank and approval of transactions conducted therein. The code represents an eight-digit combination generated by the calculator. Every code is unique, valid for a short period only and is one-off.


Time limitations on the use of internet-bank
There is a time limitation on the internet-bank log-in sessions. The principal reason for imposing the time limitations is to protect you in case you forget to switch off your internet-bank when leaving your computer. If there is no activity in internet-bank for 15 minutes, is activated the 2-minute countdown by asking you, whether you want to continue or turn down your session. If within 2 minutes none of the options is chosen the session is terminated and you are asked to log in once more. 


Blocking of users
Internet-bank access is blocked in instances as follows:

1. If upon the log-in process the user five times in succession enters wrong login name, login password or code from the code card/ code calculator;
2. If for five consecutive times is wrongly approved the payment - entered wrong code from the code card / code calculator.

 

How to protect your internet-bank password?

To avoid unauthorised access of any third parties to your internet-bank account:

  • Use the password combinations that are only known to you;
  • Never use for the password an easily accessible information, e.g. your name or that of your next of kin, your surname or names of your children, pets, number of car’s license plates, etc.;
  • Do not write down or leave your password in easily accessible places;
  • Do not entrust to anybody else your computer, internet-bank password or passwords of other computer programs;
  • Replace your password on regular basis.
If you have suspicions that your password, codes from the code card or the code calculator might have fallen into the hands of any third party, immediately call and replace them at any branch of the bank DNB!

How to protect your computer?

Protection software (firewall)
It is important to equip your computer with a firewall to secure protection of your information and your computer in internet. Firewall is a program, which by data filtration regulates the flow of information between your computer and internet and eliminates any unauthorised access to your computer.

Antivirus programs
Antivirus software checks the information against viruses, identifies, puts in quarantine and destroys identified viruses. In order to achieve maximum efficiency your antivirus programs must be updated on regular basis. 
Not always antivirus and firewall programs are able to protect your computer against external attempts to acquire the information. Therefore it is recommended to check whether your computer is free from any spy or keystroke recording software, whose sole purpose is the acquisition of information. Use the spy software detectors to detect any spy and keystroke recording software than might be installed on your computer.

Fraudulent e-mail messages
Often enough an e-mail message that is ostensibly sent on behalf of the bank are used for a single purpose - extract the information on the bank’s customer (user’s identification data, passwords, code cards) to abuse this information at some later stage. Most regular types of such e-mail messages are as follows:

  • E-mail message contains a request to send all required identification tools (user’s identification data, password and codes of the code card/calculator) to a certain e-mail address;
  • A newsletter with a link the customer is asked to use. After visiting the link the customer is offered to save it, yet the webpage is not opening up. In case of saving there is a possibility of downloading software, whose single purpose is to find out the information about the customer.
If you have any suspicions always contact the bank
If you have any suspicions with regard to any transaction, letter, e-mail or phone call, always contact the bank to make sure about their legitimacy and validity.    
Please, note that the bank never asks for the customer information required for the use of the bank’s e-services.

How to choose the most appropriate internet-bank security tool?

To use the DNB internet-bank you need one of the means of identification: code card, Digipass Go3 calculator or Digipass 270 calculator. Please, find below the essential information about every single security element used by the DNB internet-bank.

Code card

Description: Plastic card with 36 codes.
Code: 36 reusable codes, each one consisting of 7 digits. The system requests their entering in a random sequence.
Change of the Internet-bank password: You have to call us to 1880 (+371 6717 1880) or visit any branch of the bank DNB.
Security: 36 codes, selected by the system at random, which repeat themselves.
Logging in: Login name (number) + password + code from the code card.
Approval of payments: Must be entered a code from the code card as requested by the system + SMS code (on amounts above EUR 30 or approval of different orders)
Summary: Medium security level, low cost, suitable for everyday use.

Digipass Go3 code calculator

Description: Security tool, which after pressing the button generates an 8-digit code.
Code: Random 8-digit combination, which does not repeat.
Change of the Internet-bank password: By receiving a password through text.
Security: Unique code, not reusable.
Logging in: Login name (number) + password + code from the calculator.
Approval of payments: Must be entered a code from the code calculator.
Summary: High security level, medium costs, simple use, suitable for private individuals and small enterprises.

Digipass 270 code calculator

Security tool, which after entering the PIN code and pressing the button generates 8-digit codes.
Code: Random 8-digit combination, which does not repeat.
Change of the Internet-bank password: No password! There is a PIN code, which can be changed by the user.
Security: Unique, one-off code + PIN code protection.
Logging in: PIN + login name (number) + code from the calculator.
Approval of payments: Internet-bank generates the code to be entered in the calculator; afterwards the calculator displays a response code to be entered in internet-bank.
Summary: Very high security level, higher costs, more sophisticated use, suitable for bigger payments.

What to do if you have lost your security element - please, refer to the section “Lost ID tool”!
To see the price for every identification tool, visit the DNB website under "List of Conditions"!

* - Functions of Digipass 260 code calculator are identical to those of DP 270 code calculator.

How to protect your data when using Mobile bank?

To prevent unauthorised access to your data by any third parties when using Quick access in your Mobile bank:

  1. PIN code is blocked after 5 unsuccessful attempts and may be unblocked after full authentication;
  2. Do not use a PIN code that can be easily guessed! It is not allowed to enter four successive or repetitive numbers (e.g. 1234 or 1111);
  3. Keep your mobile device and PIN code in a secure place, do not keep your PIN code in an easily accessible place or mobile device;
  4. We recommend a default setting to block the screen and keypad of your mobile device and protected unblocking by a PIN code;
  5. If your mobile device is lost or stolen immediately block the Quick access use in your internet-bank under Settings > Mobile bank settings > Quick access or by calling +371 67 17 1880;
  6. If you have suspicions that another person has found out your PIN code immediately replace it in your Mobile bank or internet-bank settings.
  7. If you sell or give away your mobile device, always deactivate Quick access under Settings > Mobile bank settings > Quick access;
  8. After using your Mobile bank close the application. Remember to exit your Mobile bank, if used through another mobile device.

What are the perils of mobile devices?

  • Mobile devices are made for convenience rather than security
  • They can be easily stolen
  • They carry all risks intrinsic to wireless connections
  • Maliciously created applications
  • SMS phishing

How to mitigate security risks when using mobile devices?

  • Remember that mobile devices are created for convenience rather than security
  • Prior to using mobile device for some purpose make sure that the security settings are adequate
  • Install the screen blocking by PIN or password, use sophisticated password or PIN (avoiding: 1111 or 1234)
  • Set the default blocking of screen at certain intervals
  • Enable crypting of the memory store on the device
  • Conduct regular backup data copying in order to be able to restore the data in case the device is faulty or stolen (consider the risks by choosing the storage of backup copies in the Cloud service, as your data may be stolen)
  • Do not keep payment card data or other sensitive information in your mobile device.

How to mitigate security risks on mobile devices online?

  • Avoid using unreliable Wi-Fi networks
  • Prior to using mobile device for any purpose make sure that its security settings are appropriate.
  • Use the VPN connection, wherever required (Most reliable network solution when using an internet connection and browsing corporate information and applications by your mobile device is Virtual Private Network solution  – VPN)
  • Be cautious when choosing programs for downloading in your mobile device. Do it on reliable websites only; moreover, if downloading any less popular program, read the reviews and observations on the specific program
  • To install any program always pay attention to what you agree with. Quite frequently there arise situations, where over the installation process is asked a permission to perform functions that are not required for the application software. E.g. do not give to an audio program an access to your list of contacts.
  • Always close unused applications to prevent attackers from using the data in case of an intercepted connection.
  • Always use an updated version of the browser with corrected vulnerabilities.
  • Equip your mobile device with an antivirus software
  • Activate the Secure Sockets Layer protocol (SSL) to receive e-mails
  • Operating systems frequently are able to avoid an infected program in their device
  • Assess the risks when choosing keeping of backup copies on the Cloud server. Your data may be stolen
  • Set an option to remotely delete data from your device
  • Set an option to remotely block your device
  • Use a tracking application to track down whereabouts of your device on Internet
  • Switch off the use of wireless internet in your device, whenever redundant
  • Terminate wireless connection after using a public access points in order to deny to possible attackers an access to the information in your device.

What security measures may be integrated in mobile devices

  • Installation of antivirus software
  • Enabling of remote actions (tracking of lost mobile devices by GPS coordinates, if switched on)
  • Denied access to applications

Generation of a secure password

Password is something we use practically daily, starting from e-mail or internet-bank access including the use of smartphones or online stores. That said password can also become your weak spot. If somebody finds out or guesses your password, they can get access to your accounts like yourself, and transfer your money, read your e-mails or steal your identity. This is why secure passwords are material for your protection. However, passwords may be hard to memorise and difficult to enter. Below you will find some information about generation of secure passwords, which are easy to memorise and simple to enter - they are called passphrases.

Passphrases

A challenge for everybody is the fact that cybercriminals have developed sophisticated and efficient methods to guess passwords (brute force). It means that villains may find out your passwords, if they are easy to guess. An important step towards one’s own protection is the use of secure passwords. As a rule, it can be done by using sophisticated passwords; however, they are hard to memorise, they are confusing or difficult to enter. Therefore our recommendation is to use passphrases – various unrelated words or a sentence. The longer the passphrase, the higher security level. It is easier to memorise and enter phrases, while they still are hard to guess.
Added security to passphrases beyond their length is ensured by the use of capital letters and symbols (remember that spaces and punctuation marks are also considered symbols).  At the same time, it is easy to remember and enter passphrases. You can add security by replacing letters with figures or symbols, e.g. “a” with “@” or “o” with  “0”. If the website or program imposes limits on the length of password, use the maximum allowed number of characters.  
https://www.esidross.lv/2017/04/18/parolu-frazes/

Practical example of passphrases:
1. select a line – e.g.:  mans draugs nenopietns cilvēks
2. select every first and third letter in every word – we got the password: mndanncl
3. a figure is needed –  replace letter l with 1 – we got the password: mndannc1
4. a capital letter is needed –  replace m with a capital M – we got the password: Mndannc1
5. a symbol is needed – replace a with & – we got the password: Mnd&nnc1
6. different password for every site – add your own abbreviation of site to the password:
  • Mnd&nnc1dr –  password for draugiem.lv;
  • Mnd&nnc1ek –  password for e-klase;
  • Mnd&nnctw – password for twitter.com
Password managers
If you have too many passphrases to remember (which often is the case), use the password manager. It is a program, which securely holds your passphrases. In such instance you only have to remember the passwords required for your device and the password manager.
For better insight please see  some password manager applications.