Gira tu dispositivo a modo "landscape"



Online Banking Security

At Kutxabank we have the necessary systems and measures to protect your passwords and transactions:

  • Hosted in a secure server environment, which guarantees the confidentiality of the information exchanged between your computer and our server by establishing an encrypted connection between them using the longest key length and the SSL protocol, thus preventing others from gaining access to the information sent.
  • Advanced DNS: our server is configured for telecommunication operators to detect identity theft attempts on behalf of Kutxabank.
  • Anti-Phishing service: our permanent monitoring service detects phishing attempts even before they take place.
  • Password entry using a virtual numeric keypad: This virtual keypad will appear on your screen both when logging in and when entering coordinates from your Code Card (CC). With this system, you avoid the risk of information being captured using spyware which records whatever is typed using a standard keyboard.
  • Access blocked after three unsuccessful attempts to enter the password.
  • Code Card: this card is essential to validate transactions. A combination of signature codes for each transaction to have a different one.
  • Signature code entry: Kutxabank will only ask you to enter the signature code once you have accessed the service (after having identified yourself) and to confirm transactions.
  • Automatic logout, which logs you out when several minutes have elapsed without your having carried out any transaction.
  • Last login date and time, for you to be able to detect if someone else has logged in.
  • Establishing quantitative limits: Kutxabank may establish quantitative limits in excess of which the transactions carried out through this Service will not be processed unless you go to a branch office.
  • Transactions with additional security: the first time you make a transfer to an account you have never used before, or when you carry out transactions which may require a higher level of security, we will send you the coordinates to your mobile phone to validate the transaction. To this end, it is essential for us to have your mobile phone number.
  • Blocked service and transactions: Kutxabank may block both the service as well as certain transactions for security reasons when there are well-founded suspicions of unauthorized or fraudulent activity.
  • The usual behaviour of the online banking client is analysed: unusual transactions are analyzed to warn you immediately if they seem to be suspicious. 


1. Make sure that you are in a secure webpage of Kutxabank: in the address bar of your browser you will see '' (instead of the usual 'http://). Besides, next to the address bar of a secure website there is always a locked padlock indicating that the communication is encrypted. By double-clicking on it, you get access to the SSL security certificate with information about the issuing entity, the validity period and the server you are connecting to.

 2. Abide by these rules when creating and safeguarding your passwords:

  • Outside these secure pages, you must never provide your personal data or passwords. In this regard, Kutxabank assures you that they will never request these confidential data via email, the phone or any other similar means.
  • Likewise, you must never access the service through links included in email messages, see 'phishing' section. You must always access the service from the website
  •  Do not provide your passwords over the phone, except when you phone Kutxabank on 901 33 55 66. If you find a site, receive an email or phone call requesting your access passwords or any kind of identification on behalf of Kutxabank do not trust them, even if they claim that it is for security reasons or system validation, and contact us on the phone number above.
  • Use your passwords only to log in or if you phoneKutxabank.
  • Do not use passwords which can be easily guessed, such as your date of birth, car registration number, ID card no... Use random passwords and change them regularly.
  • Keep you passwords in a safe place, do not write them in places which are accessible to others or keep them in a file on your computer.
  • Keep the Code Card in a safe place and do not let anybody have access to it.
  • Change your password regularly.
  • Passwords are personal and you must not share them with anybody. In Business online banking, where several people may have access to accounts on the Internet, each of these people must have and safekeep their own passwords 
  • Remember that, as the holder of the service, you assume the responsibility for any transactions which may be carried out using your "password" and, if appropriate, for your Code Card.

3. Follow our recommendations to keep your computer up-to-date and browse the net securely:

  • Install an antivirus in your computer and update it regularly. Besides, it is advisable to install a personal firewall to filter the information you receive and you send on the net.
  • Regularly update the apps on your computer (operating system, internet browser, email manager...) using the security patches provided by manufacturers.
  • Always use the latest version of your favourite browser, which will enable you to use the most secure encryption protocol.
  • Analyze all the emails you receive before opening them. If you are not sure (unknown sender, response to an email you have not sent...) the best thing is to delete them and empty the trash bin.
  • Beware of messages which request passwords for security reasons, offers, statistics...
  • Be very careful with the files you download from unreliable websites on the Internet, those you receive attached to the mail or through file sharing programmes (P2P).
  • Make security copies of the basic information on your computer regularly.
  • Do not use the AutoComplete password feature in your browser, since the password is then stored in your computer and therefore it becomes accessible to other possible users of the computer.
  • Do not use the service on public or shared computers or in unprotected Wi-Fi networks.
  • Once you finish operating in secure environments, use the "close session" option which logs you out and prevents any further transactions from being carried out in the same session.
  • Software downloading: companies must pay special attention to the security risks derived from the use of file generation tools. To this end, you are advised to use the e-notebook application of Kutxabank. This software is digitally signed for clients to be able to verify its originality and thus guarantee the security of the payments. 

4. Check your account statements regularly.

5. You may establish any limits you wish, including a limit of 0 Euros, from the service itself of by phoning 901 33 55 66 to prevent any transfers by these means whose daily individual or cumulative amount exceeds those limits.

6. Carefully read notices and instructions on online banking screens when you make a transaction or arrangement so as to know how to fill in the details and find out the terms and conditions, the result of the transaction and what it implies. In the case of complex business transactions, such as remittances, mandate acceptances, etc. you are advised to confirm the operation procedure with your office or by phone with the Business Support Service 94 401 79 07 the first time you make them

7. You may also establish access rules:

  • Indicate the access channel (online banking or telephone banking) and establish the minimum security level: no access, password-based access or access requiring a CC coordinate.
  • Limit the access channel to Internet only or telephone only.
  • Establish the security level for the access: basic mode, with password or reinforced with a coordinate from the Code Card.
  • You may also prevent access to accounts linked to companies, should you have any.
  • In the case of Companies, the holder of the contract may regulate the use of the service by the various “users” (each person, department, etc. with their own password) or establish a “consultation only” access mode, as well as establish the persons whose signature is required to authorize transactions, either individually or jointly, and up to what amount.


Menú de pie de página

Cookies policy

Cookies are important for the proper functioning of our website. In order to improve your experience, we use own or third party Cookies to recall details of a login and to provide a login, compile statistics to optimize website functionality and provide contents according to your interests. Click on Accept and continue to accept Cookies and go directly to the website.

More information