Security Awareness

Secure Transaction
Definitions you need to know :

Internet Banking Password is a secret code that is needed by Customer to access Danamon Online Banking, this password can be a combination of letters and numbers with 8 characters length.

Token is a device utilized as Bank authenticator which may produce Token Secret Code required by the Customer in order to make Financial Transaction and other Non-Financial Transaction such as password reset, changing cellular phone number and etc., via Danamon Online Banking.

Hardware Token is a device that can generate secret code in the form of Challenge Response or One Time Password (OTP) as instructed (APPLI1, APPLI2) to be entered to the device.

Preventive measures :
  1. Know closely about Danamon Online Banking
    • Ensure that you access Danamon Online Banking official website at, starting with "HTTPS".
    • In performing a transaction, Danamon Online Banking pages consist of :
      • Login Page (to enter User ID and Password)
      • Transaction Page (to enter your transaction data)
      • Confirmation Page (containing transaction data that you have entered and request for Token Code)
      • Acknowledgement Page (containing success/fail confirmation of your transaction)
      • Logout Page.
  2. Secure Registration
    • Use your own phone number and email for Registration and SMS Token Activate.
    • Keep your User ID and Password confidential.
    • Avoid any guided registration for Internet Banking. Learn how to do Registration from FAQ page to avoid fraud.
  3. Password & PIN
    • Do not Share your PIN Password or PIN Token.
    • Change your Password and PIN Token regularly.
    • Do not keep your Password and PIN Token on your computer or any place that is easily identified by others.
    • Create a password, with 8 characters using a combination of at least 1 alphabet and 1 number, that is easy for you to remember but difficult for other to guess (case sensitive).
    • Do not create PIN Token using sequence number, e.g. : '123456'.
    • Do not create PIN Token using repetitive number, e.g. : '888888'.
    • Do not create PIN Token using your birth date, phone number or other number that is predictable.
    • Do not lend, hand over you Hardware Token or share your PIN Token to others.
    • Beware of fraudster who requests for your Password or PIN Token. Bank Danamon Officer will never ask for your Password or Token PIN.
  4. Verify Websites & Transaction Activity
    • Always make sure that the address is To ensure the website is Bank Danamon official website, click on SSL Certification sign (Image 1) or press on padlock icon (Image 2) on the browser.
    • Here are some examples of Official and Un-official websites that you need to know.

      Official Website that is verified by VeriSign as Bank Danamon Indonesia websites.
      Image 1
      Image 2
      Unofficial Website
      Image 3
      Image 4
      If you are experiencing website that looks like Image 3 or Image 4, stop all activity and close the page immediately.
      See Example on other Browser
    • Ensure that when you click on padlock icon or SSL Certification, there will be information that the Danamon Online Banking website is verified by VeriSign.
      Stop all activity and close the page immediately if the website shows the following:
      • There is a problem with this website security certificate
      • Certificate Error
      • Untrusted Certificate
      • This Connection is Untrusted
      • Run by (Unknown)
    • Check your transaction history regularly to identify unauthorized transactions. If there is any unusual transaction, contact Hello Danamon immediately.
    • Ensure that the recipient name and account number are correct when performing transaction.
    • Ensure that you Log out from Danamon Online Banking at the end of your transaction.
    • Token Code is only required on confirmation page (after entry page) for the following transactions :
      • Financial Transaction : Transfer, Payment and Purchase.
      • Non-financial Transaction : Add Beneficiary, Add Payee, Reset Password (only for Hardware Token user), change mobile phone and email address and subscribe e-statement.
      If there is any request to enter Token Code other than transactions above, Logged Out immediately and Contact Hello Danamon.
  5. General
    • Use your own computer for Internet Banking Transaction.
    • Avoid using WiFi for Internet Banking transaction.
Protect your Computer

Definitions you need to know:

Malware is a program or software that is created to infiltrate or damage computer system, that can divert data entered by Customer for the interest of irresponsibility party, therefore can cause financial loss for the Customer.

Virus/Worm and Trojan are programs than can damage Operating System, Application and Data of the infected Computer.

Firewall is a system that protects a Computer or network access from other Computer that has no right to access your Computer or your Network.

Spyware is a type of program that is intended to harm, steal personal data and information from the infected Computer.

Spam is an electronic message (email, sms etc) that is not requested and is sent to many people repeatedly. The content of the message is usually about marketing promo, fake information, phishing etc.

Preventive measures:
  • Install and update your anti-virus and anti-spyware.
  • Use and ensure that the Firewall is working on your Computer.
  • Backup your Computer regularly, to avoid loss of important data/file.
  • Do not answer or forward spam email from unknown sender, and delete it immediately if you get the spam email.
  • Do not access websites and/or download suspicious file.
  • If the steps in Danamon Online Banking Transaction are unusual, do not enter your Danamon Online Banking User ID, Password and Token Code (Hardware or SMS), such as token synchronization request and others cases.

Definitions you need to know :

Phising is a method that is used by irresponsible party to get customer personal data such as User ID, Password, Token Code, D-Mobile Activation Code or other information for fraud and accessing customer Internet Banking account.

Example :
    • Link on email or SMS or other media that guides Customer to go to a website that looks like Danamon Online Banking with an objective to get Customer personal data, such as User ID and Password.
    • Faked Bank officer and/or faked reward promise to Customer to get Customer User ID and Password.
    • Guidance to Customer by irresponsible party to register for Internet Banking and request for the created User ID and Password.
Preventive measures :
  • Identify and directly access to Danamon Online Banking official website at
  • Do not respond to links from your email that asks for personal information about your Internet Banking and other personal data.
  • Do not respond and delete immediately email from unknown sender.
  • Do not click link that asks you to change and/or update your personal data.
  • Do not give any sensitive information that can give access to your account even though the website seems valid.
To find out more, contact
Hello Danamon