Geography: This article is applicable for ANZ Transactive - Global customers banking in all ANZ geographies. Full details are available in Features by Geography.
Important reminder: Never provide your password, PIN, or one-time password (OTP) to anyone, even if they claim to work for ANZ.
Security Videos
Security Tips video
An instructional video aimed to equip users with ten practical and actionable security tips, to further safeguard their ANZ Transactive — Global experience.
Importance of good security hygiene video
An awareness video aimed to help educate our customers about phishing emails, strong security passwords and cyber security. We encourage all users to practice good security hygiene and understand its importance.
About Security Features
ANZ uses a range of risk management and security features to help safeguard your corporate accounts and information when using our digital services, including ANZ Transactive – Global. If you have access to an ANZ digital service, you must understand your obligations in protecting your data, as online security is a shared responsibility.
ANZ is committed to helping you reduce the risk of these threats by providing a range of resources. We recommend that you periodically review the latest information on the following websites:
To access your ANZ digital service, login with an issued User ID and a security credential such as a Password or a Token device. These credentials verify your identity when you log on to the platform and manage or approve transactions. It is highly recommended to keep your credentials private from others.
ANZ strongly recommends using two-factor authentication (2FA) for an additional layer of security, such as a Token or ANZ Digital Key.
Secure Logout
ANZ recommends users safely end every session by using the Log Off button in the navigational bar and then closing the browser. ANZ Transactive – Global will also automatically log you out after 15 minutes of inactivity.
Know Your Customer
Know Your Customer (KYC) is what we do to identify who you are, and either confirm or verify those details to ensure they’re accurate. KYC isn’t just for new customers, it’s for all customers, regardless of tenure. By having the right customer information, we can help protect you and reduce the risk of fraud and financial crime.
Security device approvers must have KYC information registered with ANZ to approve payments and direct debits.
To register or update your KYC details to use ANZ digital services, please contact ANZ.
Two-Factor Authentication
Two-factor authentication (2FA) provides an additional layer of security when using ANZ digital services. With two-factor authentication, you confirm your digital identity using a combination of something you know (your password) and something you have (a security device).
With 2FA, if an unauthorised person obtains your password, that information alone is insufficient to access your ANZ digital services. ANZ strongly recommends the use of security devices at all times. Contact ANZ to request a security device. Please note that not all security device types are available for all digital services or all users. Additionally, laws and regulations in some geographies may mandate the use of a particular type of security device.
To learn more about the security device types available, refer to Security Devices.
Segregation of Duties
Having a single individual perform all functions within a digital channel can increase the risk of fraudulent activity going undetected. As such, ANZ strongly recommends you segregate duties amongst multiple users. This includes using multiple administrators when making changes to user profiles and system settings, as well as ensuring different users are involved when creating and approving payments and direct debits.
To ensure that you have implemented segregation of duties across ANZ Transactive – Global:
Check that your Administration Model provides segregation of duties for changes made to user profiles and system settings
Check the Authorisation Matrix that is in place for each payment and direct debit product is appropriate
Check that your users have the correct roles assigned for the tasks they undertake
Consider receiving an email notification each time a change is made to a beneficiary from your Beneficiaries screen.
Approval Discretions
ANZ Transactive – Global has preset default limits for approving payments and restricting the transaction value users can authorise. Your company administrator can amend users' discretion limits based on your structured business requirements.
All data is encrypted when transferred between ANZ Transactive – Global and our customers via the Transport Layer Security (TLS) protocol, which maintains the confidentiality and integrity of data while communicating over the internet. The TLS protocol establishes the website's identity and encrypts the transmission channel between a web browser and a website to keep the transmitted information confidential. Only the user who has established a secure web connection can see the data unencrypted. Any attempted change to the data will be detected and disallowed.
Audit Trail
ANZ provides security audit trails that report on activities performed within ANZ Transactive – Global. Reports include:
Administration audit history: Provides audit history of changes made to roles and users
User Activity Report: Details a users’ interactions with the system, including timestamps, IP addresses, services, functions and actions involved
Payment and direct debit audit reports: Details date, type, status, totals and who created, approved and modified the payment/direct debit
Payment and direct debit Template audit reports: Provides an audit report for changes made to a template
Beneficiary Audit Report:Provides an audit report for changes made to a beneficiary from your Beneficiaries screen
Audit reports can be exported to CSV and PDF and are available indefinitely. To download audit reports, refer to Report Profiles.
Malware Protection
ANZ Transactive – Global has multi-layered monitoring capability to monitor unusual user logon behaviour. This will detect when a customer’s device has been infected by financial malware, abnormal behaviour that could lead to suspicious activity, or when a customer has submitted their security credentials to a phishing site that looks like an ANZ log on page. ANZ also offers customers access to IBM® Security Trusteer Rapport™. This free software focuses on multi-layered protection against financial malware and complements your existing anti-virus software.
It is a recommended obligation for Company Administrators to regularly review your organisations’ user access, including disabling or deleting users as required, to help minimise the risk of unauthorised activity.
Changes to specific fields in the user profile will generate a notification to the end user.