Gira tu dispositivo a modo "landscape"



Online Banking Security

At Kutxabank we have the necessary systems and measures to protect your passwords and transactions:

  • Hosted in a secure server environment, which guarantees the confidentiality of the information exchanged between your computer and our server by establishing an encrypted connection between them using the longest key length and the SSL protocol, thus preventing others from gaining access to the information sent.
  • Advanced DNS: our server is configured for telecommunication operators to detect identity theft attempts on behalf of Kutxabank.
  • Anti-Phishing service: our permanent monitoring service detects phishing attempts even before they take place.
  • Password entry using a virtual numeric keypad: This virtual keypad will appear on your screen both when logging in and when entering coordinates from your Code Card (CC). With this system, you avoid the risk of information being captured using spyware which records whatever is typed using a standard keyboard.
  • Access blocked after three unsuccessful attempts to enter the password.
  • Code Card: this card is essential to validate transactions. A combination of signature codes for each transaction to have a different one.
  • Signature code entry: Kutxabank will only ask you to enter the signature code once you have accessed the service (after having identified yourself) and to confirm transactions.
  • Automatic logout, which logs you out when several minutes have elapsed without your having carried out any transaction.
  • Last login date and time, for you to be able to detect if someone else has logged in.
  • Establishing quantitative limits: Kutxabank may establish quantitative limits in excess of which the transactions carried out through this Service will not be processed unless you go to a branch office.
  • Transactions with additional security: the first time you make a transfer to an account you have never used before, or when you carry out transactions which may require a higher level of security, we will send you the coordinates to your mobile phone to validate the transaction. To this end, it is essential for us to have your mobile phone number.
  • Blocked service and transactions: Kutxabank may block both the service as well as certain transactions for security reasons when there are well-founded suspicions of unauthorized or fraudulent activity.
  • The usual behaviour of the online banking client is analysed: unusual transactions are analyzed to warn you immediately if they seem to be suspicious. 


1. Make sure that you are in a secure webpage of Kutxabank: in the address bar of your browser you will see '' (instead of the usual 'http://). Besides, next to the address bar of a secure website there is always a locked padlock indicating that the communication is encrypted. By double-clicking on it, you get access to the SSL security certificate with information about the issuing entity, the validity period and the server you are connecting to.

 2. Abide by these rules when creating and safeguarding your passwords:

  • Outside these secure pages, you must never provide your personal data or passwords. In this regard, Kutxabank assures you that they will never request these confidential data via email, the phone or any other similar means.
  • Likewise, you must never access the service through links included in email messages, see 'phishing' section. You must always access the service from the website
  •  Do not provide your passwords over the phone, except when you phone Kutxabank on 900 44 55 66. If you find a site, receive an email or phone call requesting your access passwords or any kind of identification on behalf of Kutxabank do not trust them, even if they claim that it is for security reasons or system validation, and contact us on the phone number above.
  • Use your passwords only to log in or if you phoneKutxabank.
  • Do not use passwords which can be easily guessed, such as your date of birth, car registration number, ID card no... Use random passwords and change them regularly.
  • Keep you passwords in a safe place, do not write them in places which are accessible to others or keep them in a file on your computer.
  • Keep the Code Card in a safe place and do not let anybody have access to it.
  • Change your password regularly.
  • Passwords are personal and you must not share them with anybody. In Business online banking, where several people may have access to accounts on the Internet, each of these people must have and safekeep their own passwords 
  • Remember that, as the holder of the service, you assume the responsibility for any transactions which may be carried out using your "password" and, if appropriate, for your Code Card.

3. Follow our recommendations to keep your computer up-to-date and browse the net securely:

  • Install an antivirus in your computer and update it regularly. Besides, it is advisable to install a personal firewall to filter the information you receive and you send on the net.
  • Regularly update the apps on your computer (operating system, internet browser, email manager...) using the security patches provided by manufacturers.
  • Always use the latest version of your favourite browser, which will enable you to use the most secure encryption protocol.
  • Analyze all the emails you receive before opening them. If you are not sure (unknown sender, response to an email you have not sent...) the best thing is to delete them and empty the trash bin.
  • Beware of messages which request passwords for security reasons, offers, statistics...
  • Be very careful with the files you download from unreliable websites on the Internet, those you receive attached to the mail or through file sharing programmes (P2P).
  • Make security copies of the basic information on your computer regularly.
  • Do not use the AutoComplete password feature in your browser, since the password is then stored in your computer and therefore it becomes accessible to other possible users of the computer.
  • Do not use the service on public or shared computers or in unprotected Wi-Fi networks.
  • Once you finish operating in secure environments, use the "close session" option which logs you out and prevents any further transactions from being carried out in the same session.
  • Software downloading: companies must pay special attention to the security risks derived from the use of file generation tools. To this end, you are advised to use the e-notebook application of Kutxabank. This software is digitally signed for clients to be able to verify its originality and thus guarantee the security of the payments. 

4. Check your account statements regularly.

5. You may establish any limits you wish, including a limit of 0 Euros, from the service itself of by phoning 900 44 55 66 to prevent any transfers by these means whose daily individual or cumulative amount exceeds those limits.

6. Carefully read notices and instructions on online banking screens when you make a transaction or arrangement so as to know how to fill in the details and find out the terms and conditions, the result of the transaction and what it implies. In the case of complex business transactions, such as remittances, mandate acceptances, etc. you are advised to confirm the operation procedure with your office or by phone with the Business Support Service 94 401 79 07 the first time you make them

7. You may also establish access rules:

  • Indicate the access channel (online banking or telephone banking) and establish the minimum security level: no access, password-based access or access requiring a CC coordinate.
  • Limit the access channel to Internet only or telephone only.
  • Establish the security level for the access: basic mode, with password or reinforced with a coordinate from the Code Card.
  • You may also prevent access to accounts linked to companies, should you have any.
  • In the case of Companies, the holder of the contract may regulate the use of the service by the various “users” (each person, department, etc. with their own password) or establish a “consultation only” access mode, as well as establish the persons whose signature is required to authorize transactions, either individually or jointly, and up to what amount.


Menú de pie de página

Cookies settings

We use our own and third-party cookies to analyse our services and show you advertising related to your preferences, based upon a profile drawn up from your browsing habits (for example, visited pages).

You can set or reject the use of cookies or obtain more information.

Privacy Preferences Centre
Your Privacy

When you visit a website, it can store or retrieve information in your browser, primarily in the form of cookies. This information may be about you, your preferences or your device and is primarily used in order to make the site work as expected. The information does not generally identify you directly, but it may provide you with a more personalized web experience. Given that we respect your privacy, you may choose to exclude some types of cookies. You may click on the different category headers to obtain more information and change our default setting. However, if you block some types of cookies, your user experience on the website may be affected as well as the services we can provide you.

Technical cookies
Disabled Always enabled

These cookies are necessary for website function and cannot be disabled in our systems. Generally speaking, they can only be set in response to the actions you perform requesting services, such as setting you privacy preferences, initiating a session or filling in forms. You can set your browser to block or alert you regarding these cookies, but some site areas will not function. These cookies do not store any personally identifiable information.

Analysis Cookies
Disabled Enabled

These cookies enable us to keep track and analyse user behaviour on the page, and in particular, count the number of visits and traffic sources in order to assess and improve the performance of our website. They help us to know what pages are visited the most or the least, and how visitors browse through the website. All the information collected by these cookies is aggregated and is, therefore, anonymous. If you do not allow the use of these cookies, we will not know when you visited our website and we will not be able to assess whether it functioned correctly.

Personalisation cookies
Disabled Enabled

These cookies enable the website to provide a better functionality and personalization, allowing the user to access the service with some general characteristics predefined according to a series of criteria in his/her terminal such as, for example, the language, the type of browser through which he/she accesses the service, the regional setting from which he/she accesses the service, etc. This Category of cookies may be established by our company or by external suppliers whose services we have added to our pages. If you do not allow the use of these cookies, it’s quite possible that some of these services will not function correctly.

Advertising Cookies
Disabled Enabled

These cookies may include standard advertising cookies as well as behavioural advertising cookies. The former enables the effective management of advertising spaces based on criteria such as the edited content or the frequency in which the advertisements are shown. The latter are those established via our website by our advertising partners. These cookies store user behavioural information obtained via the continuous observation of their browsing habits, enabling the development of a specific profile to display advertising in accordance to it. If you do not allow these cookies, you will view less targeted advertising.