Keeping your money secure online

Online banking allows you to manage your money when it suits you. Here's how you can keep it safe.

Internet banking security

Secure online banking

We’ve designed a secure online banking portal to keep your money safe with:

  • Secure design
  • Daily security checks
  • 2-factor authentication – Choose how you sign in during registration (our app or a token on a keyring)

Security elements

Username

Your username is your account number, linked to your online banking profile. If you’ve used online banking before, you would have chosen a username during registration. Keep your username safe – never share it. This makes it harder for criminals to access your account, lowers the risk of identity theft and helps prevent fraud.

If you call us on 0860 10 20 43 with an online banking query, we may ask for your username to identify your profile – but never your password or PIN.

Password

Your password is 6 – 18 characters long and includes letters and/or numbers. Choose a strong password that’s difficult to guess and change it regularly. Never share your password with anyone, not even our employees. Your password will be replaced by your Remote PIN when you register on our app.

Remote PIN

Your Remote PIN is 5 – 6 digits long. It is used to sign on to our app and authorise transactions. Never share your PIN with anyone. Choose a PIN that’s hard to guess – avoid birthdays or sequences like 12345, and don’t use the same PIN to unlock your phone.

QR Code

To sign in to online banking, you’ll need to take a selfie and scan a QR code using our app. We’ll never ask you to scan a QR code to sign in, and you should never scan one sent to you by someone else.  

Token password

If you choose a token on a keyring as your security type, your token will be linked to your profile. It generates unique passwords for authentication purposes during online banking sessions. These passwords protect your account and money. You'll need them to sign in, make payments, add beneficiaries and update your profile.

Token passwords expire quickly and can only be used once. Unlike SMS passwords, they stay safe if you keep your token with you and only use them on our online banking portal.

Confirmation messages

If you use our app as your security method, you’ll receive in-app notifications to approve online banking logins and transactions.

Validating our online banking website

You will have your photo taken when you open an account with us. It will be linked to your online banking profile. You can ask a consultant to update your photo anytime. Always check that the photo displayed is you and that it’s consistent with the photo from your previous sessions. If your photo has changed without your knowledge or you suspect that you are not on our online banking website, stop transacting immediately and contact us on 0860 10 20 43.

Our URL in the address bar must be https://direct.capitecbank.co.za/. You can verify that you're on our official online banking website by checking the digital certificate, an electronic document that confirms a website’s authenticity, and looking for the padlock icon in your browser’s address bar to ensure your connection is secure.

Stay safe when banking online

  • Ensure no one has unauthorised access to your computer, app or token
  • If you lose your token, call us immediately on 0860 10 20 43
  • Don't open suspicious or unfamiliar emails and never click on attachments or links in unexpected emails
  • Poor grammar and spelling mistakes are signs that an email or website may not be safe
  • Never access our website through a link. Instead, type in the address manually
  • Avoid using public WiFi and public computers like internet cafés
  • Don't open other websites while you are signed in. Only have one browser window or tab open
  • Install and use the latest antivirus software
  • Ensure your computer has the latest operating system and browser updates installed
  • A green indicator will be displayed in the address bar to confirm that you’re visiting a secure website. This indicator varies for different browsers but will always appear in one form or another if the website is secure
  • Never share your login details with anyone. We’ll never ask you for this information